7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
Low
0.021 Low
EPSS
Percentile
89.1%
Glen Eustace discovered that the DHCP server incorrectly handled IPv6
expiration times. A remote attacker could use this issue to cause DHCP to
crash, resulting in a denial of service. This issue only affected Ubuntu
11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-3955)
Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by
using environment variables. This update mitigates the issue by sanitizing
certain variables in the DHCP shell scripts.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | isc-dhcp-server | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-client | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-client-dbg | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-client-udeb | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-common | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-dev | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-relay | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-relay-dbg | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-server-dbg | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |
Ubuntu | 12.04 | noarch | isc-dhcp-server-ldap | < 4.1.ESV-R4-0ubuntu5.5 | UNKNOWN |