Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
1 CVE-2016-2774: An attacker who is allowed to connect to DHCP inter-server communications and control channels can exhaust server resources

CVE: CVE-2016-2774 Document Version: 2.1 Posting date: 07 March 2016 Program Impacted: ISC DHCP Versions affected: 4.1.0->4.1-ESV-R12-P1, 4.2.0->4.2.8, 4.3.0->4.3.3-P1. Older versions may also be affected but are well beyond their end-of-life (EOL).…

2 CVE-2015-8605: UDP payload length not properly checked

CVE: CVE-2015-8605 Document Version: 2.0 Posting date: 12 January 2016 Program Impacted: DHCP Versions affected: 4.0.x, 4.1.x, 4.2.x, 4.1-ESV -> 4.1-ESV-R12, 4.3.0->4.3.3. 3.x may also be affected but has not been tested. Severity: Medium Exploitable:…

3 CVE-2013-2494: A Vulnerability in libdns Could Cause Excessive Memory Use in ISC DHCP 4.2

A memory exhaustion bug has been discovered in libdns, which is used by ISC DHCP 4.2. Theoretically this could be exploited to cause memory exhaustion in ISC DHCP 4.2. CVE: CVE-2013-2494 Document Version: 2.0 Posting date: 26 March 2013 Program Impacted:…

4 CVE-2012-3955: Reducing the expiration time for an IPv6 lease may cause the server to crash

CVE: CVE-2012-3955 Document Version: 2.0 Posting date: 12 September 2012 Program Impacted: ISC DHCP 4 Versions affected: 4.1.x, 4.2.x Severity: Medium Exploitable: From networks permitted to send requests to the DHCP server. Description: ISC has discovered…

5 CVE-2012-3954: Memory Leaks Found in ISC DHCP

Title: Memory Leaks Found In ISC DHCP Summary: Two memory leaks have been found and fixed in ISC DHCP. Both are reproducible when running in DHCPv6 mode (with the -6 command-line argument.) The first leak is confirmed to only affect servers operating in DHCPv6…

6 CVE-2012-3570: An Error in the Handling of an Unexpected Client Identifiers can Cause Server Crash When Serving DHCPv6

Title: An error in the handling of an unexpected client identifiers can cause a server crash when serving DHCPv6. CVE: CVE-2012-3570 Document Version: 2.1 Posting date: 24 Jul 2012 Program Impacted: DHCP Versions affected: 4.2.0 --> 4.2.4 Severity: High…

7 CVE-2012-3571: An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers

An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. CVE: CVE-2012-3571 Document Version: 2.1 Posting date: 24 Jul 2012 Program Impacted: DHCP Versions affected: All versions of 4.2 (including…

8 CVE-2011-4868: An Error in DDNS Processing of DHCPv6 Leases Can Cause a Crash in ISC dhcpd

Improper handling of Dynamic DNS information associated with DHCPv6 leases can cause a segmentation fault in ISC DHCP servers using IPv6 and Dynamic DNS, resulting in denial of service to clients. CVE: CVE-2011-4868 Document Version: 1.2 Posting date: 12…

9 CVE-2011-4539: DHCP Regular Expressions Segfault

DHCP Regular Expressions Segfault Segmentation fault from dhcpd while processing an evaluated regular expression CVE: CVE-2011-4539 Document Version:1.2 Posting date: 07 Dec 2011 Program Impacted: DHCP Versions affected: 4.0.x and higher, including all EOL…

10 CVE-2011-0413: DHCP May Crash After Processing a DHCPv6 Decline Message

DHCP May Crash After Processing a DHCPv6 Decline Message Processing an address previously declined and tagged as abandoned can crash the server. CVE: CVE-2011-0413 CERT: VU#686084 Document version: 1.1 Posting date: 26 Jan 2011 Program Impacted: DHCP Versions…

1 2 Next