FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ISC KEA -- Multiple vulnerabilities

Affected packages
kea < 1.6.0

Details

VuXML ID 20b92374-d62a-11e9-af73-001b217e4ee5
Discovery 2019-08-28
Entry 2019-09-20

Internet Systems Consortium, Inc. reports:

A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate (CVE-2019-6472) [Medium]

An invalid hostname option can cause the kea-dhcp4 server to terminate (CVE-2019-6473) [Medium]

An oversight when validating incoming client requests can lead to a situation where the Kea server
will exit when trying to restart (CVE-2019-6474) [Medium]

[source]

References

CVE Name CVE-2019-6472
CVE Name CVE-2019-6473
CVE Name CVE-2019-6474
URL https://gitlab.isc.org/isc-projects/kea/issues

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.