CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 0CVE-2011-4868 – Slackware Security Advisory - dhcp Updates
https://notcve.org/view.php?id=CVE-2011-4868
15 Jan 2012 — The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. La funcionalidad de registro en el dhcpd de ISC DHCP anterior a v4.2.3-P2, cuando se utiliza DNS dinámico (DDNS) y direcciones IPv6, no maneja correctamente la estructura de arrend... • http://security.gentoo.org/glsa/glsa-201301-06.xml • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 34%CPEs: 39EXPL: 0CVE-2011-4539 – dhcp: DoS due to processing certain regular expressions
https://notcve.org/view.php?id=CVE-2011-4539
08 Dec 2011 — dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. dhcpd en ISC DHCP v4.x antes de v4.2.3-P1 y v4.1-ESV antes de v4.1-ESV-R4 no manipula correctamente expresiones regulares en dhcpd.conf, lo que permite a atacantes remotos provocar una denegación de servicio (caída del deminio) a través de un paquete de petición modificado. The D... • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070980.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 26%CPEs: 239EXPL: 0CVE-2011-4313 – bind: Remote denial of service against recursive servers via logging negative cache entry
https://notcve.org/view.php?id=CVE-2011-4313
17 Nov 2011 — query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. query.c en ISC BIND v9.0.x hasta v9.6.x, v9.4-ESV hasta v9.4-ESV-R5, v9.6-ESV hasta v9.6-ESV-R5, v9.7.0 hasta v9.7.4, v9.8.0 hasta v9.... • http://blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of •
CVSS: 7.8EPSS: 87%CPEs: 92EXPL: 0CVE-2011-2748 – dhcp: denial of service flaws
https://notcve.org/view.php?id=CVE-2011-2748
12 Aug 2011 — The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. El servidor en ISC DHCP v3.x y v4.x anterior a v4.2.2, v3.1-ESV anterior a v3.1-ESV-R3, y v4.1-ESV anterior a v4.1-ESV-R3 permite a atacantes remotos provocar una denegación de servicio (salida de demonio) a través de un paquete DHCP manipulado. The Dynamic Host Configuration Protocol is a protocol that allows ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 83%CPEs: 92EXPL: 0CVE-2011-2749 – dhcp: denial of service flaws
https://notcve.org/view.php?id=CVE-2011-2749
12 Aug 2011 — The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. El servidor en ISC DHCP v3.x y v4.x anterior a v4.2.2, v3.1-ESV anterior a v3.1-ESV-R3, y v4.1-ESV anterior a v4.1-ESV-R3 permite a atacantes remotos provocar una denegación de servicio (salida de demonio) a través de un paquete BOOTP manipulado. The Dynamic Host Configuration Protocol is a protocol that allow... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 14%CPEs: 4EXPL: 0CVE-2011-2465 – Gentoo Linux Security Advisory 201206-01
https://notcve.org/view.php?id=CVE-2011-2465
06 Jul 2011 — Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query. Vulnerabilidad no especificada en ISC BIND 9 v9.8.0, v9.8.0-P1, v9.8.0-P2, y v9.8.1b1, cuando la reclusión está habilitada y la Response Policy Zone (RPZ) contiene DNAME o algun registro CNAME, permite a atacantes remotos causar u... • http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html •
CVSS: 7.5EPSS: 33%CPEs: 41EXPL: 0CVE-2011-2464 – bind: Specially constructed packet will cause named to exit
https://notcve.org/view.php?id=CVE-2011-2464
05 Jul 2011 — Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. Vulnerabilidad no especificada en ISC BIND 9 v9.6.x antesw de v9.6-ESV-R4-P3, v9.7.x antes de v9.7.3-P3, y v9.8.x antes de v9.8.0-P4, permite a usuarios remotos provocar una denegación de servicio a través de una petición UPDATE manipulada. A defect in the affected BIND 9 versions allows an... • http://blogs.oracle.com/sunsecurity/entry/cve_2011_2464_remote_denial •
CVSS: 7.5EPSS: 34%CPEs: 238EXPL: 0CVE-2011-1910 – bind: Large RRSIG RRsets and Negative Caching can crash named
https://notcve.org/view.php?id=CVE-2011-1910
27 May 2011 — Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. Error de superación de límite (off-by-one) en named de ISC BIND 9.x anteriores a 9.7.3-P1, 9.8.x anteriores a 9.8.0-P2, 9.4-ESV anteriores a 9.4-ESV-R4-P1, y 9.6-ESV anteriores a 9.6-ESV-R4-P1 permite a servidores remotos... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 22%CPEs: 1EXPL: 0CVE-2011-1907 – BIND 9.8.0 RRSIG Query Denial of Service
https://notcve.org/view.php?id=CVE-2011-1907
06 May 2011 — ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query. ISC BIND v9.8.x anterior a v9.8.0-P1, cuando el reemplazo Response Policy Zones (RPZ) RRset es habilitado, permite a atacantes remotos provocar una denegación de servicio (error de aserción y salida del demonio) a través de un consulta RRSIG. RRSIG queries can trigger a server crash when using response poli... • http://secunia.com/advisories/44416 • CWE-399: Resource Management Errors •
CVSS: 7.9EPSS: 72%CPEs: 67EXPL: 1CVE-2011-0997 – dhclient: insufficient sanitization of certain DHCP response values
https://notcve.org/view.php?id=CVE-2011-0997
07 Apr 2011 — dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. dhclient en ISC DHCP 3.0.x hasta la versión 4.2.x en versiones anteriores a 4.2.1-P1, 3.1-ESV en versiones anteriores a 3.1-ESV-R1 y 4.1-ESV en versiones anteriores a 4.1-ESV-R2 permite a atacantes remotos e... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •