FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
59e7eb28-b309-11e5-af83-80ee73b5dcf5kea -- unexpected termination while handling a malformed packet

ISC Support reports:

ISC Kea may terminate unexpectedly (crash) while handling a malformed client packet. Related defects in the kea-dhcp4 and kea-dhcp6 servers can cause the server to crash during option processing if a client sends a malformed packet. An attacker sending a crafted malformed packet can cause an ISC Kea server providing DHCP services to IPv4 or IPv6 clients to exit unexpectedly.

  • The kea-dhcp4 server is vulnerable only in versions 0.9.2 and 1.0.0-beta, and furthermore only when logging at debug level 40 or higher. Servers running kea-dhcp4 versions 0.9.1 or lower, and servers which are not logging or are logging at debug level 39 or below are not vulnerable.

  • The kea-dhcp6 server is vulnerable only in versions 0.9.2 and 1.0.0-beta, and furthermore only when logging at debug level 45 or higher. Servers running kea-dhcp6 versions 0.9.1 or lower, and servers which are not logging or are logging at debug level 44 or below are not vulnerable.


Discovery 2015-12-15
Entry 2016-01-04
Modified 2016-01-05
kea
ge 0.9.2 lt 1.0.0

CVE-2015-8373
https://kb.isc.org/article/AA-01318/0/CVE-2015-8373-ISC-Kea%3A-unexpected-termination-while-handling-a-malformed-packet.html