Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2011-0413

Published: 31/01/2011 Updated: 01/04/2020
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Dhcp

Vulnerability Summary

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x prior to 4.1.2-P1, 4.0-ESV and 4.1-ESV prior to 4.1-ESV-R1, and 4.2.x prior to 4.2.1b1 allows remote malicious users to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

isc dhcp 4.0

isc dhcp 4.0.0

isc dhcp 4.0.1

isc dhcp 4.0.2

isc dhcp 4.0.3

isc dhcp 4.1.0

isc dhcp 4.1.1

isc dhcp 4.1.2

isc dhcp 4.0-esv

isc dhcp 4.1-esv

isc dhcp 4.2.0

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2011-0413: crash after DHCPv6 decline message
Debian Bug report logs - #611217 CVE-2011-0413: crash after DHCPv6 decline message Package: isc-dhcp-server; Maintainer for isc-dhcp-server is Debian ISC DHCP Maintainers <isc-dhcp@packagesdebianorg>; Source for isc-dhcp-server is src:isc-dhcp (PTS, buildd, popcon) Reported by: Raphael Geissert <geissert@debianorg> ...
Debian Security Advisories: DSA-2184-1 isc-dhcp -- denial of service
It was discovered that the ISC DHCPv6 server does not correctly process requests which come from unexpected source addresses, leading to an assertion failure and a daemon crash The oldstable distribution (lenny) is not affected by this problem For the stable distribution (squeeze), this problem has been fixed in version 411-P1-15+squeeze1 For ...

References

CWE-20http://www.osvdb.org/70680http://www.isc.org/software/dhcp/advisories/cve-2011-0413http://www.vupen.com/english/advisories/2011/0235http://secunia.com/advisories/43006http://secunia.com/advisories/43104http://www.kb.cert.org/vuls/id/686084http://securitytracker.com/id?1024999http://www.securityfocus.com/bid/46035http://secunia.com/advisories/43167http://www.vupen.com/english/advisories/2011/0266http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:022http://www.vupen.com/english/advisories/2011/0300http://secunia.com/advisories/43354http://www.redhat.com/support/errata/RHSA-2011-0256.htmlhttp://www.vupen.com/english/advisories/2011/0400http://www.vupen.com/english/advisories/2011/0583http://secunia.com/advisories/43613http://www.debian.org/security/2011/dsa-2184https://kb.isc.org/article/AA-00456https://exchange.xforce.ibmcloud.com/vulnerabilities/64959https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611217https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/686084
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook