Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv2

CVE-2012-3954

Published: 25/07/2012 Updated: 01/04/2020
CVSS v2 Base Score: 3.3 | Impact Score: 2.9 | Exploitability Score: 6.5
VMScore: 294
Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Isc

Vulnerability Summary

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x prior to 4.2.4-P1 and 4.1-ESV prior to 4.1-ESV-R6 allow remote malicious users to cause a denial of service (memory consumption) by sending many requests.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

isc dhcp 4.1.0

isc dhcp 4.1.1

isc dhcp 4.1.2

isc dhcp 4.2.0

isc dhcp 4.2.1

isc dhcp 4.2.2

isc dhcp 4.2.3

isc dhcp 4.2.4

isc dhcp 4.1-esv

debian debian linux 6.0

debian debian linux 7.0

canonical ubuntu linux 11.04

canonical ubuntu linux 11.10

canonical ubuntu linux 12.04

Vendor Advisories

Red Hat: Moderate: dhcp security update
Synopsis Moderate: dhcp security update Type/Severity Security Advisory: Moderate Topic Updated dhcp packages that fix three security issues are now available forRed Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability Scorin ...
Debian CVElist Bug Report Logs: isc-dhcp: CVE-2012-3570 CVE-2012-3571 CVE-2012-3954
Debian Bug report logs - #686174 isc-dhcp: CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 Package: isc-dhcp; Maintainer for isc-dhcp is Debian ISC DHCP Maintainers <isc-dhcp@packagesdebianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 29 Aug 2012 14:21:02 UTC Severity: grave Tags: patch, security Fix ...
Ubuntu Security Notice: isc-dhcp vulnerabilities
DHCP could be made to crash if it received specially crafted network traffic ...
Debian Security Advisories: DSA-2519-2 isc-dhcp -- several vulnerabilities
Several security vulnerabilities affecting ISC dhcpd, a server for automatic IP address assignment, have been discovered Additionally, the latest security update for isc-dhcp, DSA-2516-1, did not properly apply the patches for CVE-2012-3571 and CVE-2012-3954 This has been addressed in this additional update CVE-2011-4539 BlueCat Networks disc ...
Amazon Linux AMI: ALAS-2012-115
A denial of service flaw was found in the way the dhcpd daemon handled zero-length client identifiers A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time (CVE-2012-3571) Two memory leak flaws were found in the dhcpd daemon A ...

References

CWE-399https://kb.isc.org/article/AA-00737http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.htmlhttp://www.ubuntu.com/usn/USN-1519-1http://www.debian.org/security/2012/dsa-2516http://rhn.redhat.com/errata/RHSA-2012-1141.htmlhttp://www.debian.org/security/2012/dsa-2519http://www.securitytracker.com/id?1027300http://www.mandriva.com/security/advisories?name=MDVSA-2012:116http://www.mandriva.com/security/advisories?name=MDVSA-2012:115http://security.gentoo.org/glsa/glsa-201301-06.xmlhttp://www.securityfocus.com/bid/54665https://access.redhat.com/errata/RHSA-2012:1141https://usn.ubuntu.com/1519-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook