Support Content Notification - Support Portal

BSA-2017-443

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21439

Last Updated

17 November 2017

Initial Publication Date

29 September 2017

Status

Closed

Severity

Medium

CVSS Base Score

2.6

WorkAround

N/A

Affected CVE

CVE-2016-2774

Summary
Security Advisory ID : BSA-2017-443
Component : DHCP
Revision : 1.0: Interim

A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections to OMAPI and failover ports. A remote attacker able to establish TCP connections to one of these ports could use this flaw to cause dhcpd to exit unexpectedly, stop responding requests, or exhaust system sockets (denial of service).

Affected Products

Brocade is investigating its product lines to determine which products may be affected by this vulnerability and the impact on each affected product.

Products Confirmed Not Vulnerable

Brocade NetIron OS, Brocade ServerIron ADX, and Brocade Virtual ADX are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	September 29, 2017
2.0	Updated to address FOS	November 17, 2017

Summary Security Advisory ID : BSA-2017-443 Component : DHCP Revision : 1.0: Interim

Revision History

Summary
Security Advisory ID : BSA-2017-443
Component : DHCP
Revision : 1.0: Interim