CVE-2019-6474 - Missing Release of Resource after Effective Lifetime vulnerability in ISC KEA 1.4.0/1.5.0/1.6.0

CVSS 6.5 - MEDIUM
Attack vector: ADJACENT_NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
Tags: low complexity, isc, CWE-772, nessus

Summary

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up.

Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2.

Vulnerable Configurations

Part: Application
Description: Isc
Count: 9

Common Attack Pattern Enumeration and Classification (CAPEC)

  • HTTP DoS
    An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial-of-service attack requires substantially fewer packets to be sent, which makes the DoS harder to detect. It is the HTTP equivalent of a SYN flood. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server waits for the attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.

Nessus

  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_20B92374D62A11E9AF73001B217E4EE5.NASL
    description: Internet Systems Consortium, Inc. reports: A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate (CVE-2019-6472) [Medium]; an invalid hostname option can cause the kea-dhcp4 server to terminate (CVE-2019-6473) [Medium]; an oversight when validating incoming client requests can lead to a situation where the Kea server will exit when trying to restart (CVE-2019-6474) [Medium].
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129114
    published: 2019-09-23
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129114
    title: FreeBSD : ISC KEA -- Multiple vulnerabilities (20b92374-d62a-11e9-af73-001b217e4ee5)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-0811A88D77.NASL
    description: Fixes for CVE-2019-6472, CVE-2019-6473 and CVE-2019-6474. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 128561
    published: 2019-09-09
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/128561
    title: Fedora 30 : kea (2019-0811a88d77)