{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-19T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "25729", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25729"}, {"name": "GLSA-200711-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"name": "20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"}, {"name": "USN-543-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-543-1"}, {"name": "1018717", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018717"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "27694", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27694"}, {"name": "31396", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31396"}, {"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_ISS"], "url": "http://www.iss.net/threats/275.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"}, {"name": "dhcp-param-overflow(33102)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"}, {"name": "GLSA-200808-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"}, {"name": "MDVSA-2009:153", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"name": "SUSE-SR:2009:005", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"}, {"name": "26890", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26890"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"}, {"name": "34263", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34263"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27706"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0062", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "25729", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25729"}, {"name": "GLSA-200711-23", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"name": "20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"}, {"name": "USN-543-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-543-1"}, {"name": "1018717", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018717"}, {"name": "ADV-2007-3229", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "27694", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27694"}, {"name": "31396", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31396"}, {"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities", "refsource": "ISS", "url": "http://www.iss.net/threats/275.html"}, {"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0041", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"}, {"name": "dhcp-param-overflow(33102)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"}, {"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=339561", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"}, {"name": "GLSA-200808-05", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"}, {"name": "MDVSA-2009:153", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"}, {"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"name": "SUSE-SR:2009:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"}, {"name": "26890", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26890"}, {"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"}, {"name": "34263", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34263"}, {"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "27706", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27706"}, {"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=227135", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:03:37.108Z"}, "title": "CVE Program Container", "references": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "25729", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25729"}, {"name": "GLSA-200711-23", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"name": "20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"}, {"name": "USN-543-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-543-1"}, {"name": "1018717", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018717"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "27694", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27694"}, {"name": "31396", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31396"}, {"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_ISS", "x_transferred"], "url": "http://www.iss.net/threats/275.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"}, {"name": "dhcp-param-overflow(33102)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"}, {"name": "GLSA-200808-05", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"}, {"name": "MDVSA-2009:153", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"name": "SUSE-SR:2009:005", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"}, {"name": "26890", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26890"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"}, {"name": "34263", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34263"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27706"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0062", "datePublished": "2007-09-21T18:00:00", "dateReserved": "2007-01-04T00:00:00", "dateUpdated": "2024-08-07T12:03:37.108Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*", "matchCriteriaId": "B4BCB22F-7B9A-493B-AE19-18D0C15EA778", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*", "matchCriteriaId": "33D6D4DD-13D2-4EA0-A7D7-367C3809ABAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*", "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*", "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*", "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."}, {"lang": "es", "value": "Un desbordamiento enteros en el dhcpd ISC versi\u00f3n 3.0.x anterior a 3.0.7 y versi\u00f3n 3.1.x anterior a 3.1.1; y el servidor DHCP en EMC VMware Workstation anterior a versi\u00f3n 5.5.5 Build 56455 y versi\u00f3n 6.x anterior a 6.0.1 Build 55017, Player anterior a versi\u00f3n 1.0.5 Build 56455 y Player 2 anterior a versi\u00f3n 2.0.1 Build 55017, ACE anterior a versi\u00f3n 1.0.3 Build 54075 y ACE 2 anterior a versi\u00f3n 2.0.1 Build 55017, y Server versi\u00f3n 1.0.4 56528; permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) o ejecutar c\u00f3digo arbitrario por medio de un paquete DHCP con formato inapropiado con un gran tama\u00f1o de mensaje m\u00e1ximo dhcp que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria, relacionado con servidores configurados para enviar muchas opciones DHCP a clientes."}], "id": "CVE-2007-0062", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-09-21T19:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26890"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27694"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27706"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31396"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34263"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.iss.net/threats/275.html"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/25729"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018717"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-543-1"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26890"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27694"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27706"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34263"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.iss.net/threats/275.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/25729"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018717"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-543-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "The Red Hat Security Response Team has rated this issue as having low security impact. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1, 3, 4, or 5:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-0062\n", "lastModified": "2008-06-03T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "dhcpd possible DoS via large max-message-size option", "id": "339561", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"}, "csaw": false, "details": ["Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."], "name": "CVE-2007-0062", "public_date": "2007-09-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-0062\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-0062"], "statement": "The Red Hat Product Security has rated this issue as having low security impact. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1, 3, 4, or 5:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-0062", "threat_severity": "Low"}