Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2011-4539

Published: 08/12/2011 Updated: 01/04/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Dhcp

Vulnerability Summary

dhcpd in ISC DHCP 4.x prior to 4.2.3-P1 and 4.1-ESV prior to 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote malicious users to cause a denial of service (daemon crash) via a crafted request packet.

Vulnerable Product Search on Vulmon Subscribe to Product

isc dhcp 4.0

isc dhcp 4.0.0

isc dhcp 4.0.1

isc dhcp 4.0.2

isc dhcp 4.0.3

isc dhcp 4.1.1

isc dhcp 4.1.2

isc dhcp 4.2.0

isc dhcp 4.2.1

isc dhcp 4.2.2

isc dhcp 4.2.3

isc dhcp 4.1-esv

canonical ubuntu linux 11.04

canonical ubuntu linux 11.10

debian debian linux 6.0

debian debian linux 7.0

Vendor Advisories

Red Hat: Moderate: dhcp security update
Synopsis Moderate: dhcp security update Type/Severity Security Advisory: Moderate Topic Updated dhcp packages that fix one security issue are now available forRed Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Common Vulnerability Scoring ...
Debian CVElist Bug Report Logs: [CVE-2011-4539] DoS with regular expressions in dhcpd.conf
Debian Bug report logs - #652259 [CVE-2011-4539] DoS with regular expressions in dhcpdconf Package: isc-dhcp; Maintainer for isc-dhcp is Debian ISC DHCP Maintainers <isc-dhcp@packagesdebianorg>; Reported by: Florian Weimer <fw@denebenyode> Date: Thu, 15 Dec 2011 18:30:01 UTC Severity: important Tags: fixed-upstr ...
Ubuntu Security Notice: isc-dhcp vulnerability
DHCP could be made to crash if it received specially crafted network traffic ...
Debian Security Advisories: DSA-2519-2 isc-dhcp -- several vulnerabilities
Several security vulnerabilities affecting ISC dhcpd, a server for automatic IP address assignment, have been discovered Additionally, the latest security update for isc-dhcp, DSA-2516-1, did not properly apply the patches for CVE-2012-3571 and CVE-2012-3954 This has been addressed in this additional update CVE-2011-4539 BlueCat Networks disc ...
Amazon Linux AMI: ALAS-2012-031
A denial of service flaw was found in the way the dhcpd daemon handled DHCP request packets when regular expression matching was used in "/etc/dhcp/dhcpdconf" A remote attacker could use this flaw to crash dhcpd (CVE-2011-4539) ...

References

CWE-20https://www.isc.org/software/dhcp/advisories/cve-2011-4539http://www.securitytracker.com/id?1026393http://www.securityfocus.com/bid/50971http://secunia.com/advisories/47153http://www.mandriva.com/security/advisories?name=MDVSA-2011:182http://www.ubuntu.com/usn/USN-1309-1http://secunia.com/advisories/47178http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070980.htmlhttp://lists.opensuse.org/opensuse-updates/2011-12/msg00006.htmlhttp://www.debian.org/security/2012/dsa-2519http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071549.htmlhttp://security.gentoo.org/glsa/glsa-201301-06.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/71680https://access.redhat.com/errata/RHSA-2011:1819https://usn.ubuntu.com/1309-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook