CVSS: 7.5EPSS: 22%CPEs: 33EXPL: 2CVE-2012-3571 – ISC DHCP 4.x - Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-3571
25 Jul 2012 — ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. ISC DHCP v4.1.2 a v4.2.4 y v4.1-ESV antes de v4.1-ESV-R6 permite a atacantes remotos causar una denegación de servicio (bucle infinito y excesivo consumo de CPU) a través de un identificador de cliente con formato incorrecto. An unexpected client identifier parameter can cause the ISC DHCP daemon to segmentation fault when runn... • https://packetstorm.news/files/id/115094 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 46EXPL: 0CVE-2012-3954 – dhcp: two memory leaks may result in DoS
https://notcve.org/view.php?id=CVE-2012-3954
25 Jul 2012 — Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. Múltiples fugas de memoria en ISC DHCP 4.1.x y 4.2.x anterior a 4.2.4-P1 y 4.1-ESV anterior a 4.1-ESV-R6, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante el envío de multitud de peticiones. An unexpected client identifier parameter can cause the ISC DHCP daemon to segmen... • http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 0CVE-2011-4868 – Slackware Security Advisory - dhcp Updates
https://notcve.org/view.php?id=CVE-2011-4868
15 Jan 2012 — The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. La funcionalidad de registro en el dhcpd de ISC DHCP anterior a v4.2.3-P2, cuando se utiliza DNS dinámico (DDNS) y direcciones IPv6, no maneja correctamente la estructura de arrend... • http://security.gentoo.org/glsa/glsa-201301-06.xml • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 32%CPEs: 39EXPL: 0CVE-2011-4539 – dhcp: DoS due to processing certain regular expressions
https://notcve.org/view.php?id=CVE-2011-4539
08 Dec 2011 — dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. dhcpd en ISC DHCP v4.x antes de v4.2.3-P1 y v4.1-ESV antes de v4.1-ESV-R4 no manipula correctamente expresiones regulares en dhcpd.conf, lo que permite a atacantes remotos provocar una denegación de servicio (caída del deminio) a través de un paquete de petición modificado. The D... • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070980.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 87%CPEs: 92EXPL: 0CVE-2011-2748 – dhcp: denial of service flaws
https://notcve.org/view.php?id=CVE-2011-2748
12 Aug 2011 — The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. El servidor en ISC DHCP v3.x y v4.x anterior a v4.2.2, v3.1-ESV anterior a v3.1-ESV-R3, y v4.1-ESV anterior a v4.1-ESV-R3 permite a atacantes remotos provocar una denegación de servicio (salida de demonio) a través de un paquete DHCP manipulado. The Dynamic Host Configuration Protocol is a protocol that allows ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 75%CPEs: 92EXPL: 0CVE-2011-2749 – dhcp: denial of service flaws
https://notcve.org/view.php?id=CVE-2011-2749
12 Aug 2011 — The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. El servidor en ISC DHCP v3.x y v4.x anterior a v4.2.2, v3.1-ESV anterior a v3.1-ESV-R3, y v4.1-ESV anterior a v4.1-ESV-R3 permite a atacantes remotos provocar una denegación de servicio (salida de demonio) a través de un paquete BOOTP manipulado. The Dynamic Host Configuration Protocol is a protocol that allow... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation •
CVSS: 7.9EPSS: 72%CPEs: 67EXPL: 1CVE-2011-0997 – dhclient: insufficient sanitization of certain DHCP response values
https://notcve.org/view.php?id=CVE-2011-0997
07 Apr 2011 — dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. dhclient en ISC DHCP 3.0.x hasta la versión 4.2.x en versiones anteriores a 4.2.1-P1, 3.1-ESV en versiones anteriores a 3.1-ESV-R1 y 4.1-ESV en versiones anteriores a 4.1-ESV-R2 permite a atacantes remotos e... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •