Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Invalid characters cause assert
Vulnerability Description
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
使用越界的指针偏移
Vulnerability Title
ISC Kea 安全漏洞
Vulnerability Description
ISC Kea是ISC组织的一个现代开源 DHCPv4 和 DHCPv6 服务器。 ISC Kea 3.0.1版本至3.0.1版本和3.1.1版本至3.1.2版本存在安全漏洞,该漏洞源于特定配置参数设置不当,可能导致kea-dhcp4意外退出。
CVSS Information
N/A
Vulnerability Type
N/A