CVE-2007-0062

Published Sep 21, 2007

Last updated 6 years ago

Overview

Description: Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Vendor comments

Red HatThe Red Hat Security Response Team has rated this issue as having low security impact. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1, 3, 4, or 5: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-0062

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124"
          },
          {
            "criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74"
          },
          {
            "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE"
          },
          {
            "criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4"
          },
          {
            "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4BCB22F-7B9A-493B-AE19-18D0C15EA778"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33D6D4DD-13D2-4EA0-A7D7-367C3809ABAB"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References