SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   McAfee Web Gateway Vendors:   McAfee
(McAfee Issues Fix for McAfee Web Gateway) Dhcp Reference Counter Overflow Lets Remote Users Cause the Target dhcpd Service to Crash
SecurityTracker Alert ID:  1040886
SecurityTracker URL:  http://securitytracker.com/id/1040886
CVE Reference:   CVE-2018-5733   (Links to External Site)
Date:  May 10 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.7 - 7.7.2.11, 7.8 - 7.8.1.3
Description:   A vulnerability was reported in Dhcp. A remote user can cause the target service to crash. McAfee Web Gateway is affected.

A remote user can send large amounts of data to the target server can send a large number of packets (e.g., billions of packets) to trigger a reference counter overflow and cause the target dhcpd service to consume all available memory and crash.

Felix Wilhelm, Google Security Team, reported this vulnerability.

Impact:   A remote user can cause the target service to crash.
Solution:   McAfee has issued a fix for McAfee Web Gateway (7.7.2.12, 7.8.1.4).

The McAfee advisory is available at:

https://kc.mcafee.com/corporate/index?page=content&id=SB10231

Vendor URL:  kc.mcafee.com/corporate/index?page=content&id=SB10231 (Links to External Site)
Cause:   Boundary error

Message History:   This archive entry is a follow-up to the message listed below.
Feb 28 2018 Dhcp Reference Counter Overflow Lets Remote Users Cause the Target dhcpd Service to Crash



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC