FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- bootpd buffer overflow

Affected packages
12.0 <= FreeBSD < 12.0_1
11.2 <= FreeBSD < 11.2_7

Details

VuXML ID fa6a4a69-03d1-11e9-be12-a4badb2f4699
Discovery 2018-12-19
Entry 2018-12-19

Problem Description:

Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow.

Impact:

It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.

References

CVE Name CVE-2018-1716
FreeBSD Advisory SA-18:15.bootpd

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.