Lucene search
HistoryJan 15, 2012 - 3:55 a.m.
CVE-2011-4868
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.1%
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
Affected configurations
Node
iscdhcpRange≤4.2.3p1
ORiscdhcpMatch3.0
ORiscdhcpMatch3.0beta2patchlevel1
ORiscdhcpMatch3.0beta2patchlevel10
ORiscdhcpMatch3.0beta2patchlevel11
ORiscdhcpMatch3.0beta2patchlevel12
ORiscdhcpMatch3.0beta2patchlevel13
ORiscdhcpMatch3.0beta2patchlevel14
ORiscdhcpMatch3.0beta2patchlevel15
ORiscdhcpMatch3.0beta2patchlevel16
ORiscdhcpMatch3.0beta2patchlevel18
ORiscdhcpMatch3.0beta2patchlevel19
ORiscdhcpMatch3.0beta2patchlevel2
ORiscdhcpMatch3.0beta2patchlevel20
ORiscdhcpMatch3.0beta2patchlevel21
ORiscdhcpMatch3.0beta2patchlevel22
ORiscdhcpMatch3.0beta2patchlevel23
ORiscdhcpMatch3.0beta2patchlevel24
ORiscdhcpMatch3.0beta2patchlevel3
ORiscdhcpMatch3.0beta2patchlevel4
ORiscdhcpMatch3.0beta2patchlevel5
ORiscdhcpMatch3.0beta2patchlevel6
ORiscdhcpMatch3.0beta2patchlevel7
ORiscdhcpMatch3.0beta2patchlevel8
ORiscdhcpMatch3.0beta2patchlevel9
ORiscdhcpMatch3.0rc1
ORiscdhcpMatch3.0rc1patchlevel1
ORiscdhcpMatch3.0rc10
ORiscdhcpMatch3.0rc11
ORiscdhcpMatch3.0rc12
ORiscdhcpMatch3.0rc2
ORiscdhcpMatch3.0rc2patchlevel1
ORiscdhcpMatch3.0rc3
ORiscdhcpMatch3.0rc4
ORiscdhcpMatch3.0rc5
ORiscdhcpMatch3.0rc6
ORiscdhcpMatch3.0rc7
ORiscdhcpMatch3.0rc8
ORiscdhcpMatch3.0rc8patchlevel1
ORiscdhcpMatch3.0rc9
ORiscdhcpMatch3.0.1
ORiscdhcpMatch3.0.1rc1
ORiscdhcpMatch3.0.1rc10
ORiscdhcpMatch3.0.1rc11
ORiscdhcpMatch3.0.1rc12
ORiscdhcpMatch3.0.1rc13
ORiscdhcpMatch3.0.1rc14
ORiscdhcpMatch3.0.1rc2
ORiscdhcpMatch3.0.1rc3
ORiscdhcpMatch3.0.1rc4
ORiscdhcpMatch3.0.1rc5
ORiscdhcpMatch3.0.1rc6
ORiscdhcpMatch3.0.1rc7
ORiscdhcpMatch3.0.1rc8
ORiscdhcpMatch3.0.1rc9
ORiscdhcpMatch3.0.2
ORiscdhcpMatch3.0.2b1
ORiscdhcpMatch3.0.2rc1
ORiscdhcpMatch3.0.2rc2
ORiscdhcpMatch3.0.2rc3
ORiscdhcpMatch3.0.3
ORiscdhcpMatch3.0.3b1
ORiscdhcpMatch3.0.3b2
ORiscdhcpMatch3.0.3b3
ORiscdhcpMatch3.0.4
ORiscdhcpMatch3.0.4b1
ORiscdhcpMatch3.0.4b2
ORiscdhcpMatch3.0.4b3
ORiscdhcpMatch3.0.4rc1
ORiscdhcpMatch3.0.5
ORiscdhcpMatch3.0.5rc1
ORiscdhcpMatch3.0.6rc1
ORiscdhcpMatch3.1.0
ORiscdhcpMatch3.1.0a1
ORiscdhcpMatch3.1.0a2
ORiscdhcpMatch3.1.0a3
ORiscdhcpMatch3.1.0b1
ORiscdhcpMatch3.1.0b2
ORiscdhcpMatch4.0.0
ORiscdhcpMatch4.0.0a1
ORiscdhcpMatch4.0.0a2
ORiscdhcpMatch4.0.0a3
ORiscdhcpMatch4.0.0b1
ORiscdhcpMatch4.0.0b2
ORiscdhcpMatch4.0.0b3
ORiscdhcpMatch4.1.0
ORiscdhcpMatch4.1.0a1
ORiscdhcpMatch4.1.0a2
ORiscdhcpMatch4.1.0b1
ORiscdhcpMatch4.2.0
ORiscdhcpMatch4.2.0a1
ORiscdhcpMatch4.2.0a2
ORiscdhcpMatch4.2.0b1
ORiscdhcpMatch4.2.0b2
ORiscdhcpMatch4.2.0rc1
ORiscdhcpMatch4.2.1
ORiscdhcpMatch4.2.1b1
ORiscdhcpMatch4.2.1rc1
ORiscdhcpMatch4.2.2
ORiscdhcpMatch4.2.2b1
ORiscdhcpMatch4.2.2rc1
ORiscdhcpMatch4.2.3
Related
nessus
nessus
Fedora 16 : dhcp-4.2.3-5.P2.fc16 (2012-0490)
2012-01-23 00:00:00
FreeBSD : isc-dhcp-server -- DoS in DHCPv6 (1800886c-3dde-11e1-89b4-001ec9578670)
2012-01-16 00:00:00
openSUSE Security Update : dhcp (openSUSE-2012-71)
2014-06-13 00:00:00
openvas
openvas
FreeBSD Ports: isc-dhcp42-server
2012-02-12 00:00:00
FreeBSD Ports: isc-dhcp42-server
2012-02-12 00:00:00
Fedora Update for dhcp FEDORA-2012-0490
2012-04-02 00:00:00
cvelist
cvelist
CVE-2011-4868
2012-01-15 02:00:00
prion
prion
Null pointer dereference
2012-01-15 03:55:00
debiancve
debiancve
CVE-2011-4868
2012-01-15 03:55:12
freebsd
freebsd
isc-dhcp-server -- DoS in DHCPv6
2012-01-13 00:00:00
ubuntucve
ubuntucve
CVE-2011-4868
2012-01-15 00:00:00
cve
cve
CVE-2011-4868
2012-01-15 03:55:12
fedora
fedora
[SECURITY] Fedora 16 Update: dhcp-4.2.3-5.P2.fc16
2012-01-22 05:25:38
[SECURITY] Fedora 16 Update: dhcp-4.2.3-11.P2.fc16
2012-08-06 07:51:10
[SECURITY] Fedora 16 Update: dhcp-4.2.4-1.P2.fc16
2012-10-03 03:21:03
slackware
slackware
[slackware-security] dhcp
2012-08-24 22:54:35
gentoo
gentoo
ISC DHCP: Denial of service
2013-01-09 00:00:00
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.1%
Related for NVD:CVE-2011-4868