CVE-2009-1892

2009-07-1716:30:00

CWE-16

[email protected]

web.nvd.nist.gov

cve-2009-1892

isc dhcp

dhcpd

denial of service

daemon crash

remote attack

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.073

Percentile

94.1%

JSON

dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.

Affected configurations

NVD

Node

iscdhcpMatch3.0.4

iscdhcpMatch3.0.4_b1

iscdhcpMatch3.0.4_b2

iscdhcpMatch3.0.4_b3

iscdhcpMatch3.1.1

VendorProductVersionCPE
iscdhcp3.0.4+b3cpe:/a:isc:dhcp:3.0.4+b3:::
iscdhcp3.1.1cpe:/a:isc:dhcp:3.1.1:::
iscdhcp3.0.4+b1cpe:/a:isc:dhcp:3.0.4+b1:::
iscdhcp3.0.4cpe:/a:isc:dhcp:3.0.4:::
iscdhcp3.0.4+b2cpe:/a:isc:dhcp:3.0.4+b2:::

Vendor	Product	Version	CPE
isc	dhcp	3.0.4+b3	cpe:/a:isc:dhcp:3.0.4+b3:::
isc	dhcp	3.1.1	cpe:/a:isc:dhcp:3.1.1:::
isc	dhcp	3.0.4+b1	cpe:/a:isc:dhcp:3.0.4+b1:::
isc	dhcp	3.0.4	cpe:/a:isc:dhcp:3.0.4:::
isc	dhcp	3.0.4+b2	cpe:/a:isc:dhcp:3.0.4+b2:::