製品・ソフトウェアに関する情報

JVN脆弱性詳細

ISC DHCP にサービス運用妨害 (DoS) の脆弱性

Title	ISC DHCP にサービス運用妨害 (DoS) の脆弱性
Summary	ISC DHCP サーバには、サービス運用妨害 (DoS) の脆弱性が存在します。 ISC から、以下の脆弱性情報が公開されています。 If a TCP connection is established to the server on a port which has been configured for communication with a failover peer, this can cause it to become non-responsive to all normal DHCP protocol traffic. The server will progress to a communications-interrupted state - but in addition will also cease to provide DHCP services to clients. The server must be restarted to resume normal operation. This can be used as an attack vector against servers that are configured for failover partnerships.
Possible impacts	遠隔の第三者によって、サービス運用妨害 (DoS) を受ける可能性があります。
Solution	[アップデートする] この問題は、使用している OS のベンダや配布元が提供する修正済みのバージョンに更新することで解決します。詳細については、ベンダや配布元が提供する情報を参照してください。
Publication Date	Dec. 14, 2010, midnight
Registration Date	Jan. 19, 2011, 3:46 p.m.
Last Update	June 10, 2011, 10:04 a.m.

Affected System

ISC, Inc.

ISC DHCP サーバ 4.2.0 および 4.2.0-P1

ターボリナックス

Turbolinux Appliance Server 2.0 (延長メンテナンス)

Turbolinux Appliance Server 3.0

Turbolinux Appliance Server 3.0 (x64)

Turbolinux Server 10 (延長メンテナンス)

Turbolinux Server 10 (x64) (延長メンテナンス)

Turbolinux Server 11

Turbolinux Server 11 (x64)

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-3616	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3616
Knowledge Base
2	CVE-2010-3616: DHCP: Server Hangs with TCP to Failover Peer Port	https://www.isc.org/software/dhcp/advisories/cve-2010-3616
National Vulnerability Database (NVD)
3	CVE-2010-3616	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3616

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	Name	URL
Internet Systems Consortium Security Advisory
1	Guidance on the 10 Dec 2010 DHCP Security Advisory	http://www.isc.org/announcement/guidance-10-dec-2010-dhcp-security-advisory
Turbolinux Security Advisory
2	TLSA-2011-16	http://www.turbolinux.co.jp/security/2011/TLSA-2011-16j.txt

その他

No	Name	URL
JVN
1	JVNVU#159528	http://jvn.jp/cert/JVNVU159528
Secunia Advisory
2	SA42618	http://secunia.com/advisories/42618
SecurityFocus
3	45360	http://www.securityfocus.com/bid/45360
SecurityTracker
4	1024862	http://www.securitytracker.com/id?1024862
US-CERT Vulnerability Note
5	VU#159528	http://www.kb.cert.org/vuls/id/159528
VUPEN Security
6	VUPEN/ADV-2010-3208	http://www.vupen.com/english/advisories/2010/3208

Change Log

No	Changed Details	Date of change
0	[2011年01月19日] 掲載 [2011年06月10日] 影響を受けるシステム：ターボリナックス (TLSA-2011-16) の情報を追加ベンダ情報：ターボリナックス (TLSA-2011-16) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-3616

Summary	ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520.
Publication Date	Dec. 18, 2010, 4 a.m.
Registration Date	Jan. 29, 2021, 11:06 a.m.
Last Update	Nov. 21, 2024, 10:19 a.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052329.html
2	http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052329.html
3	http://secunia.com/advisories/42618	Vendor Advisory
4	http://secunia.com/advisories/42618	Vendor Advisory
5	http://secunia.com/advisories/42682
6	http://secunia.com/advisories/42682
7	http://www.kb.cert.org/vuls/id/159528	US Government Resource
8	http://www.kb.cert.org/vuls/id/159528	US Government Resource
9	http://www.mandriva.com/security/advisories?name=MDVSA-2011:001
10	http://www.mandriva.com/security/advisories?name=MDVSA-2011:001
11	http://www.securityfocus.com/bid/45360
12	http://www.securityfocus.com/bid/45360
13	http://www.securitytracker.com/id?1024862
14	http://www.securitytracker.com/id?1024862
15	http://www.vupen.com/english/advisories/2010/3208	Vendor Advisory
16	http://www.vupen.com/english/advisories/2010/3208	Vendor Advisory
17	http://www.vupen.com/english/advisories/2011/0052
18	http://www.vupen.com/english/advisories/2011/0052
19	https://lists.isc.org/pipermail/dhcp-users/2010-December/012368.html
20	https://lists.isc.org/pipermail/dhcp-users/2010-December/012368.html
21	https://www.isc.org/software/dhcp/advisories/cve-2010-3616	Vendor Advisory
22	https://www.isc.org/software/dhcp/advisories/cve-2010-3616	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html