Stack-based Buffer Overflow in DHCP Server Implementations by OpenBSD
CVE-2007-5365

Currently unrated

Key Information:

Vendor: Oracle
CVE Published: 11 October 2007

Summary

The DHCP server implementations by OpenBSD, specifically versions 4.0 through 4.2, are susceptible to a stack-based buffer overflow within the cons_options function. Attackers can take advantage of this vulnerability by sending a specially crafted DHCP request that specifies a maximum message size smaller than the minimum IP MTU. This could allow for arbitrary code execution or result in a denial of service, causing the DHCP daemon to crash. This vulnerability underscores the importance of maintaining updated software and the need for robust security measures within network services.
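The defensive check this summary implies, as an added example (not OpenBSD's code): clamp the client-supplied Maximum DHCP Message Size (option 57) to a floor before using it to size the reply. The helper names, the 576-byte floor (the minimum legal value RFC 2132 gives for option 57, taken here as the "minimum IP MTU" the summary refers to) and the sample packet are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OPT_PAD 0
#define OPT_MAX_MSG_SIZE 57          /* RFC 2132: Maximum DHCP Message Size */
#define OPT_END 255
#define MIN_MAX_MSG_SIZE 576         /* RFC 2132: minimum legal value for option 57 */
#define FIXED_OVERHEAD (20 + 8 + 236 + 4) /* IP + UDP + BOOTP fixed fields + magic cookie */

/* Hypothetical helper: scan a DHCP option area (code, length, value triples).
 * Returns the client's option 57 value, 0 if absent, -1 if malformed. */
static long find_max_msg_size(const uint8_t *opts, size_t len)
{
    size_t i = 0;
    while (i < len) {
        uint8_t code = opts[i++];
        if (code == OPT_PAD) continue;
        if (code == OPT_END) break;
        if (i >= len) return -1;             /* length byte missing */
        uint8_t olen = opts[i++];
        if (olen > len - i) return -1;       /* value runs past the packet */
        if (code == OPT_MAX_MSG_SIZE) {
            if (olen != 2) return -1;        /* option 57 is always 2 bytes */
            return ((long)opts[i] << 8) | opts[i + 1];
        }
        i += olen;
    }
    return 0;
}

/* Hypothetical helper: bytes the server may spend on reply options. The client
 * value is clamped to the floor first, then to the server's own buffer. */
long reply_option_space(const uint8_t *opts, size_t len, size_t server_buf)
{
    long mms = find_max_msg_size(opts, len);
    if (mms < 0) return -1;                  /* malformed option area */
    if (mms < MIN_MAX_MSG_SIZE) mms = MIN_MAX_MSG_SIZE;  /* also covers "absent" */
    long space = mms - FIXED_OVERHEAD;       /* at least 576 - 268 = 308 */
    return (size_t)space > server_buf ? (long)server_buf : space;
}

int main(void)
{
    /* Constructed sample: message type option, then option 57 claiming 64 bytes. */
    const uint8_t req[] = { 53, 1, 1, 57, 2, 0x00, 0x40, 255 };
    printf("%ld\n", reply_option_space(req, sizeof req, 1200));
    return 0;
}
```

Without the floor, a claimed size below the fixed overhead would make the subtraction negative, which is why the clamp comes before any length arithmetic.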

EPSS Score

57% chance of being exploited in the next 30 days.
