Stack-based Buffer Overflow in DHCP Server Implementations by OpenBSD
CVE-2007-5365
Currently unrated
Key Information:
- Vendor: Oracle
- CVE Published: 11 October 2007
Summary
The DHCP server implementations by OpenBSD, specifically versions 4.0 through 4.2, are susceptible to a stack-based buffer overflow in the cons_options function. An attacker can trigger it by sending a specially crafted DHCP request that specifies a maximum message size smaller than the minimum IP MTU. This can lead to arbitrary code execution, or to a denial of service when the DHCP daemon crashes. This vulnerability underscores the importance of maintaining updated software and the need for robust security measures within network services.
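A defensive check for the condition described above, written as an added example; it is not OpenBSD's code or its patch. The function names and sample buffers are hypothetical, and the 576-octet floor is an assumption taken from RFC 2132 (minimum legal value of option 57), since the page only says "minimum IP MTU".

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OPT_PAD 0
#define OPT_MAX_MSG_SIZE 57   /* Maximum DHCP Message Size, RFC 2132 */
#define OPT_END 255
#define MMS_FLOOR 576         /* assumed floor: RFC 2132 minimum legal value */

/* Constructed option fields (not captured traffic). */
static const uint8_t sample_small[] = {53, 1, 1, 57, 2, 0x00, 0x64, 255};
static const uint8_t sample_ok[]    = {53, 1, 1, 57, 2, 0x05, 0xDC, 255};
static const uint8_t sample_trunc[] = {57, 2, 0x00};

/* Walk the TLV options: 1 = option 57 found, 0 = absent, -1 = malformed. */
int find_mms(const uint8_t *opts, size_t len, uint16_t *mms)
{
    size_t i = 0;
    while (i < len) {
        uint8_t code = opts[i++];
        if (code == OPT_PAD) continue;
        if (code == OPT_END) break;
        if (i >= len) return -1;             /* length byte missing */
        uint8_t olen = opts[i++];
        if (olen > len - i) return -1;       /* value runs past the buffer */
        if (code == OPT_MAX_MSG_SIZE) {
            if (olen != 2) return -1;        /* option 57 is always 2 bytes */
            *mms = (uint16_t)((opts[i] << 8) | opts[i + 1]);
            return 1;
        }
        i += olen;
    }
    return 0;
}

/* Reply size limit to use: never below MMS_FLOOR; flags requests worth logging. */
uint16_t reply_size_limit(const uint8_t *opts, size_t len, int *suspicious)
{
    uint16_t mms = 0;
    int rc = find_mms(opts, len, &mms);
    *suspicious = (rc < 0) || (rc == 1 && mms < MMS_FLOOR);
    return (rc == 1 && mms >= MMS_FLOOR) ? mms : MMS_FLOOR;
}

int main(void)
{
    int s;
    uint16_t lim = reply_size_limit(sample_small, sizeof sample_small, &s);
    printf("limit=%u suspicious=%d\n", (unsigned)lim, s);
    return 0;
}
```

The same clamp-then-flag logic fits a packet filter or an IDS rule in front of an unpatched server: a request advertising less than the floor is never honoured as a size, only logged.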
EPSS Score
57% chance of being exploited in the next 30 days.