5 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0

06 Oct 2022 — In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory. En ISC DHCP versiones 1.0 anteriores a 4.4.3, ISC DHCP versiones 4.1-ESV-R1 anteriores a 4.1-ESV-R16-P1, un sistema con acceso a un servidor DHCP, enviando paquetes DHCP diseñados para incluir etiquetas fqdn de más de 63 bytes, podría llegar a causar a el servidor quedarse sin m... • https://kb.isc.org/docs/cve-2022-2929 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 0

15 Jan 2012 — The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. La funcionalidad de registro en el dhcpd de ISC DHCP anterior a v4.2.3-P2, cuando se utiliza DNS dinámico (DDNS) y direcciones IPv6, no maneja correctamente la estructura de arrend... • http://security.gentoo.org/glsa/glsa-201301-06.xml • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 28%CPEs: 5EXPL: 1

14 Jul 2009 — Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. Desbordamiento de búfer basado en pila en el método script_write_params en client/dhclient.c en ISC DHCP dhclient v4.1 anteriores a v4.1.0p1, v4.0 anteriores a v4.0.1p1, v3.1 anteriores a v3.1.2p1, v3.0, y v2.0 permite a servidores DHCP remotos eje... • https://www.exploit-db.com/exploits/9265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 10.0EPSS: 9%CPEs: 2EXPL: 0

24 Jun 2000 — ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:34.dhclient.asc •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0

31 Dec 1999 — Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options. • ftp://ftp.isc.org/isc/dhcp/dhcp-1.0-history/dhcp-1.0.0-1.0pl1.diff.gz •