FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2040c7f5-1e3a-11e8-8ae9-0050569f0b83isc-dhcp -- Multiple vulnerabilities

ISC reports:

Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.


Discovery 2018-02-21
Entry 2018-03-02
isc-dhcp44-server
lt 4.4.1

isc-dhcp44-client
lt 4.4.1

isc-dhcp43-server
le 4.3.6

isc-dhcp43-client
le 4.3.6

CVE-2018-5732
CVE-2018-5733
https://kb.isc.org/article/AA-01565
https://kb.isc.org/article/AA-01567