Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
isc dhcp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3616
ISC DHCP server 4.2 prior to 4.2.0-P2, when configured to use failover partnerships, allows remote malicious users to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as de...
Isc Dhcp 4.2.0
6.5
CVSSv3
CVE-2022-2928
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the ref...
Isc Dhcp 4.1-esv
Isc Dhcp
Debian Debian Linux 10.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-2929
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
Isc Dhcp 4.1-esv
Isc Dhcp
Debian Debian Linux 10.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2009-1893
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
Redhat Enterprise Linux 3.0
Isc Dhcp 3.0.1
NA
CVE-2004-1006
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
Isc Dhcpd 3.0
Isc Dhcpd 3.0.1
Isc Dhcpd 3.0 B2pl23
Isc Dhcpd 3.0 B2pl9
Isc Dhcpd 3.0 Pl1
Isc Dhcpd 3.0 Pl2
Isc Dhcpd 2.0.pl5
7.4
CVSSv3
CVE-2021-25217
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the ...
Isc Dhcp 4.1-esv
Isc Dhcp
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Siemens Ruggedcom Rox Rx1400 Firmware
Siemens Ruggedcom Rox Rx1500 Firmware
Siemens Ruggedcom Rox Rx1501 Firmware
Siemens Ruggedcom Rox Rx1510 Firmware
Siemens Ruggedcom Rox Rx1511 Firmware
Siemens Ruggedcom Rox Rx1512 Firmware
Siemens Ruggedcom Rox Rx1524 Firmware
Siemens Ruggedcom Rox Rx1536 Firmware
Siemens Ruggedcom Rox Rx5000 Firmware
Siemens Ruggedcom Rox Mx5000 Firmware
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire \\& Hci Management Node -
Siemens Sinec Ins 1.0
Siemens Sinec Ins
NA
CVE-2006-3122
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote malicious users to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and cau...
Isc Dhcpd
6.5
CVSSv3
CVE-2019-6472
A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit due to an assertion failure. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2.
Isc Kea
Isc Kea 1.6.0
6.5
CVSSv3
CVE-2019-6474
A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-code...
Isc Kea
Isc Kea 1.6.0
NA
CVE-2002-0702
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.
Isc Dhcpd 3.0.1
Isc Dhcpd 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »