CVE-2012-2152

Published: 25/07/2012 Updated: 06/11/2012
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the get_packet method in socket.c in dhcpcd 3.2.3 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long packet.

Vulnerable Product

roy marples dhcpcd 3.2.3

Vendor Advisories

Debian Bug report logs - #671265: [CVE-2012-2152] dhcpcd 3.2.3 remote stack overflow / denial of service. Package: dhcpcd; Maintainer for dhcpcd is Martin-Éric Racine <martin-ericracine@ikifi>; Source for dhcpcd is src:dhcpcd. Reported by: Luciano Bello <luciano@debianorg>. Date: Wed, 2 May 201 ...
It was discovered that dhcpcd, a DHCP client, was vulnerable to a stack overflow. A malformed DHCP message could crash the client, causing a denial of service, and potentially remote code execution through properly designed malicious DHCP packets. For the stable distribution (squeeze), this problem has been fixed in version 1:3.2.3-5+squeeze1. For t ...

Recent Articles

Industrial control system gateway fix opens Heartbleed, Shellshock
The Register • Team Register • 03 Dec 2015

Metasploit module released to make 0day pwnage easy

Rapid 7 security man Todd Beardsley says new firmware released to patch hardcoded SSH keys in Advantech EKI industrial control system gateways contains known brutal flaws including Shellshock, Heartbleed, and buffer overflows. A module for the Metasploit hacking box has been published to help attackers hose the zero day holes in systems reachable through the internet. The EKI-122X series hardware last month was found to contain hardcoded SSH keys that mean remote attackers could eavesdrop on the...