Lucene search

[email protected]CVE-2016-2774

HistoryMar 09, 2016 - 3:59 p.m.

CVE-2016-2774

2016-03-0915:59:00

CWE-20

[email protected]

web.nvd.nist.gov

130

isc

dhcp

denial of service

vulnerability

cve-2016-2774

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.922 High

EPSS

Percentile

99.0%

JSON

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.

Affected configurations

NVD

Node

iscdhcpMatch4.1-esv-

iscdhcpMatch4.1-esvr1

iscdhcpMatch4.1-esvr10

iscdhcpMatch4.1-esvr10_b1

iscdhcpMatch4.1-esvr11_b1

iscdhcpMatch4.1-esvr11_rc1

iscdhcpMatch4.1-esvr11_rc2

iscdhcpMatch4.1-esvr12

iscdhcpMatch4.1-esvr12_b1

iscdhcpMatch4.1-esvr2

iscdhcpMatch4.1-esvr3

iscdhcpMatch4.1-esvr3_b1

iscdhcpMatch4.1-esvr4

iscdhcpMatch4.1-esvr5

iscdhcpMatch4.1-esvr5_b1

iscdhcpMatch4.1-esvr5_rc1

iscdhcpMatch4.1-esvr5_rc2

iscdhcpMatch4.1-esvr6

iscdhcpMatch4.1-esvr7

iscdhcpMatch4.1-esvr8

iscdhcpMatch4.1-esvr8_b1

iscdhcpMatch4.1-esvr8_rc1

iscdhcpMatch4.1-esvr9

iscdhcpMatch4.1-esvr9_b1

iscdhcpMatch4.1-esvr9_rc1

iscdhcpMatch4.1-esvrc1

iscdhcpMatch4.1.0-

iscdhcpMatch4.1.0a1

iscdhcpMatch4.1.0a2

iscdhcpMatch4.1.0b1

iscdhcpMatch4.1.1-

iscdhcpMatch4.1.1b1

iscdhcpMatch4.1.1b2

iscdhcpMatch4.1.1b3

iscdhcpMatch4.1.1p1

iscdhcpMatch4.1.1rc1

iscdhcpMatch4.1.2-

iscdhcpMatch4.1.2b1

iscdhcpMatch4.1.2p1

iscdhcpMatch4.1.2rc1

iscdhcpMatch4.2.0-

iscdhcpMatch4.2.0a1

iscdhcpMatch4.2.0a2

iscdhcpMatch4.2.0b1

iscdhcpMatch4.2.0b2

iscdhcpMatch4.2.0p1

iscdhcpMatch4.2.0p2

iscdhcpMatch4.2.0rc1

iscdhcpMatch4.2.1-

iscdhcpMatch4.2.1b1

iscdhcpMatch4.2.1p1

iscdhcpMatch4.2.1rc1

iscdhcpMatch4.2.2-

iscdhcpMatch4.2.2b1

iscdhcpMatch4.2.2rc1

iscdhcpMatch4.2.3-

iscdhcpMatch4.2.3p1

iscdhcpMatch4.2.3p2

iscdhcpMatch4.2.4-

iscdhcpMatch4.2.4b1

iscdhcpMatch4.2.4p1

iscdhcpMatch4.2.4p2

iscdhcpMatch4.2.4rc1

iscdhcpMatch4.2.4rc2

iscdhcpMatch4.2.5-

iscdhcpMatch4.2.5b1

iscdhcpMatch4.2.5p1

iscdhcpMatch4.2.5rc1

iscdhcpMatch4.2.6-

iscdhcpMatch4.2.6b1

iscdhcpMatch4.2.6rc1

iscdhcpMatch4.2.7-

iscdhcpMatch4.2.7b1

iscdhcpMatch4.2.7rc1

iscdhcpMatch4.2.8-

iscdhcpMatch4.2.8b1

iscdhcpMatch4.2.8rc1

iscdhcpMatch4.2.8rc2

iscdhcpMatch4.3.0-

iscdhcpMatch4.3.0a1

iscdhcpMatch4.3.0b1

iscdhcpMatch4.3.0rc1

iscdhcpMatch4.3.1-

iscdhcpMatch4.3.1b1

iscdhcpMatch4.3.1rc1

iscdhcpMatch4.3.2-

iscdhcpMatch4.3.2b1

iscdhcpMatch4.3.2rc1

iscdhcpMatch4.3.2rc2

iscdhcpMatch4.3.3-

iscdhcpMatch4.3.3b1

Node

debiandebian_linuxMatch8.0

Node

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch17.10

CPENameOperatorVersion
isc:dhcpisc dhcpeq4.1-esv
isc:dhcpisc dhcpeq4.1.0
isc:dhcpisc dhcpeq4.1.1
isc:dhcpisc dhcpeq4.1.2
isc:dhcpisc dhcpeq4.2.0
isc:dhcpisc dhcpeq4.2.1
isc:dhcpisc dhcpeq4.2.2
isc:dhcpisc dhcpeq4.2.3
isc:dhcpisc dhcpeq4.2.4
isc:dhcpisc dhcpeq4.2.5

CPE	Name	Operator	Version
isc:dhcp	isc dhcp	eq	4.1-esv
isc:dhcp	isc dhcp	eq	4.1.0
isc:dhcp	isc dhcp	eq	4.1.1
isc:dhcp	isc dhcp	eq	4.1.2
isc:dhcp	isc dhcp	eq	4.2.0
isc:dhcp	isc dhcp	eq	4.2.1
isc:dhcp	isc dhcp	eq	4.2.2
isc:dhcp	isc dhcp	eq	4.2.3
isc:dhcp	isc dhcp	eq	4.2.4
isc:dhcp	isc dhcp	eq	4.2.5