CVE-2020-13529 - log back

CVE-2020-13529 edited at 14 Jul 2021 20:39:39
Description
- An exploitable denial-of-service vulnerability exists in systemd-networkd before version 249. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
+ An exploitable denial-of-service vulnerability exists in systemd-networkd before version 249. A maliciously crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
CVE-2020-13529 edited at 14 Jul 2021 20:12:38
Description
- An exploitable denial-of-service vulnerability exists in systemd-networkd. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
+ An exploitable denial-of-service vulnerability exists in systemd-networkd before version 249. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
CVE-2020-13529 edited at 26 Jun 2021 13:11:16
References
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://github.com/systemd/systemd/issues/16774
https://github.com/systemd/systemd/pull/20002
- https://github.com/systemd/systemd/commit/6222acc2b59309ac6187450d9e65eceb1b7cc1c5
+ https://github.com/systemd/systemd/commit/38e980a6a5a3442c2f48b1f827284388096d8ca5
CVE-2020-13529 edited at 26 Jun 2021 13:08:12
References
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://github.com/systemd/systemd/issues/16774
+ https://github.com/systemd/systemd/pull/20002
+ https://github.com/systemd/systemd/commit/6222acc2b59309ac6187450d9e65eceb1b7cc1c5
CVE-2020-13529 edited at 10 May 2021 18:51:39
Description
- An exploitable denial-of-service vulnerability exists in systemd. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
+ An exploitable denial-of-service vulnerability exists in systemd-networkd. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
CVE-2020-13529 edited at 10 May 2021 18:50:35
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ An exploitable denial-of-service vulnerability exists in systemd. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
References
+ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
+ https://github.com/systemd/systemd/issues/16774
Notes
CVE-2020-13529 created at 10 May 2021 18:48:28