Allele Security Alert
ASA-2019-00577
Identifier(s)
ASA-2019-00577, CVE-2019-6473
Title
An invalid hostname option can cause the kea-dhcp4 server to terminate
Vendor(s)
Internet Systems Consortium (ISC)
Product(s)
ISC Kea DHCP
Affected version(s)
ISC Kea DHCP version 1.6.0-beta1
ISC Kea DHCP version 1.6.0-beta2
ISC Kea DHCP version 1.5.0
ISC Kea DHCP version 1.4.0
Fixed version(s)
ISC Kea DHCP version 1.6.0
ISC Kea DHCP version 1.5.0-P-1
ISC Kea DHCP version 1.4.0-P2
Proof of concept
Unknown
Description
An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process (kea-dhcp4), causing the server process to exit.
Technical details
Unknown
Credits
Unknown
Reference(s)
CVE-2019-6473: An invalid hostname option can cause the kea-dhcp4 server to terminate
https://kb.isc.org/docs/cve-2019-6473
CVE-2019-6473
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6473
CVE-2019-6473
https://nvd.nist.gov/vuln/detail/CVE-2019-6473
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 21, 2019