ISC DHCP Packet Processing Bugs Let Remote Users Deny Service
|
SecurityTracker Alert ID: 1025918 |
SecurityTracker URL: http://securitytracker.com/id/1025918
|
CVE Reference:
CVE-2011-2748, CVE-2011-2749
(Links to External Site)
|
Date: Aug 11 2011
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.1.0 through 3.1-ESV-R1 (R2 never released), 4.0 all versions (EOL), 4.1.0 through 4.1.2rc1, 4.1-ESV through 4.1-ESV-R3b1, and 4.2.0 through 4.2.2rc1
|
Description:
Two vulnerabilities were reported in ISC DHCP. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to cause the target service to halt.
David Zych at University of Illinois reported one of these vulnerabilities.
|
Impact:
A remote user can cause the target service to halt.
|
Solution:
The vendor has issued a fix (3.1-ESV-R3, 4.1-ESV-R3, 4.2.2).
The vendor's advisory is available at:
https://www.isc.org/software/dhcp/advisories/cve-2011-2748
|
Vendor URL: www.isc.org/software/dhcp/advisories/cve-2011-2748 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|