CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
94.6%
Severity: High
Date : 2018-03-05
CVE-ID : CVE-2018-5733
Package : dhcp
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-646
The package dhcp before version 4.4.1-1 is vulnerable to denial of
service.
Upgrade to 4.4.1-1.
The problem has been fixed upstream in version 4.4.1.
None.
A denial of service flaw was found in the way dhcpd handled reference
counting when processing client requests. A malicious DHCP client could
use this flaw to trigger a reference count overflow on the server side,
potentially causing dhcpd to crash, by sending large amounts of
traffic.
A remote attacker is able to crash the dhcpd process by sending large
amounts of traffic.
https://kb.isc.org/article/AA-01567
https://lists.isc.org/pipermail/dhcp-announce/2018-February/000418.html
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=197b26f25309f947b97a83b8fdfc414b767798f8
https://bugs.isc.org/Public/Bug/Display.html?id=47140
https://security.archlinux.org/CVE-2018-5733
bugs.isc.org/Public/Bug/Display.html?id=47140
kb.isc.org/article/AA-01567
lists.isc.org/pipermail/dhcp-announce/2018-February/000418.html
security.archlinux.org/AVG-646
security.archlinux.org/CVE-2018-5733
source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=197b26f25309f947b97a83b8fdfc414b767798f8
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
94.6%