Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
1 CVE-2013-2494: A Vulnerability in libdns Could Cause Excessive Memory Use in ISC DHCP 4.2

A memory exhaustion bug has been discovered in libdns, which is used by ISC DHCP 4.2. Theoretically this could be exploited to cause memory exhaustion in ISC DHCP 4.2. CVE: CVE-2013-2494 Document Version: 2.0 Posting date: 26 March 2013 Program Impacted:…

2 CVE-2012-3955: Reducing the expiration time for an IPv6 lease may cause the server to crash

CVE: CVE-2012-3955 Document Version: 2.0 Posting date: 12 September 2012 Program Impacted: ISC DHCP 4 Versions affected: 4.1.x, 4.2.x Severity: Medium Exploitable: From networks permitted to send requests to the DHCP server. Description: ISC has discovered…

3 CVE-2012-3954: Memory Leaks Found in ISC DHCP

Title: Memory Leaks Found In ISC DHCP Summary: Two memory leaks have been found and fixed in ISC DHCP. Both are reproducible when running in DHCPv6 mode (with the -6 command-line argument.) The first leak is confirmed to only affect servers operating in DHCPv6…

4 CVE-2012-3570: An Error in the Handling of an Unexpected Client Identifiers can Cause Server Crash When Serving DHCPv6

Title: An error in the handling of an unexpected client identifiers can cause a server crash when serving DHCPv6. CVE: CVE-2012-3570 Document Version: 2.1 Posting date: 24 Jul 2012 Program Impacted: DHCP Versions affected: 4.2.0 --> 4.2.4 Severity: High…

5 CVE-2012-3571: An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers

An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. CVE: CVE-2012-3571 Document Version: 2.1 Posting date: 24 Jul 2012 Program Impacted: DHCP Versions affected: All versions of 4.2 (including…

6 CVE-2011-4868: An Error in DDNS Processing of DHCPv6 Leases Can Cause a Crash in ISC dhcpd

Improper handling of Dynamic DNS information associated with DHCPv6 leases can cause a segmentation fault in ISC DHCP servers using IPv6 and Dynamic DNS, resulting in denial of service to clients. CVE: CVE-2011-4868 Document Version: 1.2 Posting date: 12…

7 CVE-2011-4539: DHCP Regular Expressions Segfault

DHCP Regular Expressions Segfault Segmentation fault from dhcpd while processing an evaluated regular expression CVE: CVE-2011-4539 Document Version:1.2 Posting date: 07 Dec 2011 Program Impacted: DHCP Versions affected: 4.0.x and higher, including all EOL…

8 CVE-2011-0413: DHCP May Crash After Processing a DHCPv6 Decline Message

DHCP May Crash After Processing a DHCPv6 Decline Message Processing an address previously declined and tagged as abandoned can crash the server. CVE: CVE-2011-0413 CERT: VU#686084 Document version: 1.1 Posting date: 26 Jan 2011 Program Impacted: DHCP Versions…

9 CVE-2011-0997: dhclient Does Not Strip or Escape Shell Meta-characters

DHCP: dhclient does not strip or escape shell meta-characters dhclient doesn't strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on…

10 CVE-2011-2748: ISC DHCP Server Halt

ISC DHCP Server Halt Two issues have been found in DHCP that could allow an attacker to cause the server to halt. CVE: CVE-2011-2748 Document Version: 1.1 Posting date: 10 Aug 2011 Program Impacted: DHCP Versions affected: 3.1.0 through 3.1-ESV-R1 (R2 never…