Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
1 CVE-2013-2494: A Vulnerability in libdns Could Cause Excessive Memory Use in ISC DHCP 4.2

A memory exhaustion bug has been discovered in libdns, which is used by ISC DHCP 4.2. Theoretically this could be exploited to cause memory exhaustion in ISC DHCP 4.2. CVE: CVE-2013-2494 Document Version: 2.0 Posting date: 26 March 2013 Program Impacted:…

2 CVE-2012-3955: Reducing the expiration time for an IPv6 lease may cause the server to crash

CVE: CVE-2012-3955 Document Version: 2.0 Posting date: 12 September 2012 Program Impacted: ISC DHCP 4 Versions affected: 4.1.x, 4.2.x Severity: Medium Exploitable: From networks permitted to send requests to the DHCP server. Description: ISC has discovered…

3 CVE-2012-3954: Memory Leaks Found in ISC DHCP

Title: Memory Leaks Found In ISC DHCP Summary: Two memory leaks have been found and fixed in ISC DHCP. Both are reproducible when running in DHCPv6 mode (with the -6 command-line argument.) The first leak is confirmed to only affect servers operating in DHCPv6…

4 CVE-2012-3570: An Error in the Handling of an Unexpected Client Identifiers can Cause Server Crash When Serving DHCPv6

Title: An error in the handling of an unexpected client identifiers can cause a server crash when serving DHCPv6. CVE: CVE-2012-3570 Document Version: 2.1 Posting date: 24 Jul 2012 Program Impacted: DHCP Versions affected: 4.2.0 --> 4.2.4 Severity: High…

5 CVE-2012-3571: An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers

An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. CVE: CVE-2012-3571 Document Version: 2.1 Posting date: 24 Jul 2012 Program Impacted: DHCP Versions affected: All versions of 4.2 (including…

6 CVE-2011-4868: An Error in DDNS Processing of DHCPv6 Leases Can Cause a Crash in ISC dhcpd

Improper handling of Dynamic DNS information associated with DHCPv6 leases can cause a segmentation fault in ISC DHCP servers using IPv6 and Dynamic DNS, resulting in denial of service to clients. CVE: CVE-2011-4868 Document Version: 1.2 Posting date: 12…

7 CVE-2011-4539: DHCP Regular Expressions Segfault

DHCP Regular Expressions Segfault Segmentation fault from dhcpd while processing an evaluated regular expression CVE: CVE-2011-4539 Document Version:1.2 Posting date: 07 Dec 2011 Program Impacted: DHCP Versions affected: 4.0.x and higher, including all EOL…

8 CVE-2011-0413: DHCP May Crash After Processing a DHCPv6 Decline Message

DHCP May Crash After Processing a DHCPv6 Decline Message Processing an address previously declined and tagged as abandoned can crash the server. CVE: CVE-2011-0413 CERT: VU#686084 Document version: 1.1 Posting date: 26 Jan 2011 Program Impacted: DHCP Versions…

9 CVE-2011-0997: dhclient Does Not Strip or Escape Shell Meta-characters

Fixes for ISC this dhclient vulnerability do not protect against September 2014 bash flaws Despite reports from some sources to the contrary, ISC has determined that the changes made in this fix do not prevent exploitation of the September 2014 bash vulnerabilities…

10 CVE-2011-2748: ISC DHCP Server Halt

ISC DHCP Server Halt Two issues have been found in DHCP that could allow an attacker to cause the server to halt. CVE: CVE-2011-2748 Document Version: 1.1 Posting date: 10 Aug 2011 Program Impacted: DHCP Versions affected: 3.1.0 through 3.1-ESV-R1 (R2 never…