
CVE-2012-3955

Published: 14/09/2012 Updated: 08/01/2020
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
VMScore: 632
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Summary

ISC DHCP 4.1.x prior to 4.1-ESV-R7 and 4.2.x prior to 4.2.4-P2 allows remote malicious users to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.

Vulnerable Product

isc dhcp 4.1-esv

isc dhcp 4.1.0

isc dhcp 4.1.1

isc dhcp 4.1.2

debian debian linux 6.0

debian debian linux 7.0

canonical ubuntu linux 10.04

canonical ubuntu linux 11.04

canonical ubuntu linux 11.10

canonical ubuntu linux 12.04

Vendor Advisories

Synopsis: Low: dhcp security and bug fix update. Type/Severity: Security Advisory: Low. Topic: Updated dhcp packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerabili ...
DHCP could be made to crash if it received specially crafted network traffic ...
Glen Eustace discovered that the ISC DHCP server, a server for automatic IP address assignment, is not properly handling changes in the expiration times of a lease. An attacker may use this flaw to crash the service and cause denial of service conditions, by reducing the expiration time of an active IPv6 lease. For the stable distribution (squeeze) ...
A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash (CVE-2012-3955) ...