Published: 15/01/2012 Updated: 03/12/2016

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

VMScore: 543

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C

The logging functionality in dhcpd in ISC DHCP prior to 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.

Vulnerable Product	Search on Vulmon	Subscribe to Product
isc dhcp 4.2.1
isc dhcp 4.1.0
isc dhcp 4.0.0
isc dhcp 3.0
isc dhcp 3.0.6
isc dhcp 3.0.4
isc dhcp 3.0.3
isc dhcp 3.0.2
isc dhcp 3.0.1
isc dhcp
isc dhcp 4.2.3
isc dhcp 4.2.0
isc dhcp 3.1.0
isc dhcp 3.0.5
isc dhcp 4.2.2

Debian Bug report logs - #655746 CVE-2011-4868: dhcpd crashes in certain IPv6 configurations Package: isc-dhcp; Maintainer for isc-dhcp is Debian ISC DHCP Maintainers <isc-dhcp@packagesdebianorg>; Reported by: Florian Weimer <fw@denebenyode> Date: Fri, 13 Jan 2012 19:36:01 UTC Severity: normal Tags: security Fou ...

CWE-399 https://deepthought.isc.org/article/AA-00595 https://www.isc.org/software/dhcp/advisories/cve-2011-4868 http://security.gentoo.org/glsa/glsa-201301-06.xml https://kb.isc.org/article/AA-00705 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655746 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-4868

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect