ISC DHCP TCP Failover Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1024862 |
|
SecurityTracker URL: http://securitytracker.com/id/1024862
|
|
CVE Reference:
CVE-2010-3616
(Links to External Site)
|
Date: Dec 13 2010
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
|
Version(s): 4.2 prior to 4.2.0-P2
|
Description:
A vulnerability was reported in ISC DHCP. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to the target server on a port that has been configured for communication with a failover peer to cause the target server to stop responding to all normal DHCP protocol traffic.
The server must be restarted to return to normal operation.
Brad Bendily reported this vulnerability.
|
Impact:
A remote user can cause the target server to stop responding to all normal DHCP protocol traffic.
|
Solution:
The vendor has issued a fix (4.2.0-P2).
The vendor's advisory is available at:
https://www.isc.org/software/dhcp/advisories/cve-2010-3616
|
Vendor URL: www.isc.org/software/dhcp/advisories/cve-2010-3616 (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Linux (Any), UNIX (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 13 Dec 2010 18:18:21 +0000
Subject: DHCP
|
> DHCP: Server Hangs with TCP to Failover Peer Port
https://www.isc.org/software/dhcp/advisories/cve-2010-3616
CVE-2010-3616
|
|
