Dhcp@4.1-esv Security Vulnerabilities and Issues — Dhcp@4.1-esv CVE List

Lucene search

IscDhcp4.1-esv

16 matches found

CVE•added 2021/05/26 10:15 p.m.•500 views

CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also pres...

7.4CVSS7.7AI score0.00243EPSS

CVE•added 2022/10/07 5:15 a.m.•262 views

CVE-2022-2929

In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

6.5CVSS6.7AI score0.00045EPSS

CVE•added 2022/10/07 5:15 a.m.•255 views

CVE-2022-2928

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The functio...

6.5CVSS6.8AI score0.00041EPSS

CVE•added 2016/03/09 3:59 p.m.•164 views

CVE-2016-2774

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.

7.1CVSS5.7AI score0.69959EPSS

CVE•added 2019/01/16 8:29 p.m.•146 views

CVE-2017-3144

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond t...

7.5CVSS6.2AI score0.23134EPSS

CVE•added 2019/01/16 8:29 p.m.•146 views

CVE-2018-5733

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.

7.5CVSS6.7AI score0.2582EPSS

CVE•added 2016/01/14 10:59 p.m.•117 views

CVE-2015-8605

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

6.5CVSS5.9AI score0.49966EPSS

CVE•added 2019/10/09 4:15 p.m.•113 views

CVE-2018-5732

Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versio...

7.5CVSS7.8AI score0.04167EPSS

CVE•added 2011/04/08 3:17 p.m.•99 views

CVE-2011-0997

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-sc...

7.5CVSS7.6AI score0.71985EPSS

CVE•added 2011/08/15 9:55 p.m.•75 views

CVE-2011-2748

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

7.8CVSS6.2AI score0.87881EPSS

CVE•added 2012/09/14 10:33 a.m.•73 views

CVE-2012-3955

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.

7.1CVSS6.2AI score0.20025EPSS

CVE•added 2011/08/15 9:55 p.m.•72 views

CVE-2011-2749

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.

7.8CVSS6.2AI score0.83085EPSS

CVE•added 2012/07/25 10:42 a.m.•67 views

CVE-2012-3571

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

6.1CVSS6.3AI score0.22137EPSS

CVE•added 2011/12/08 11:55 a.m.•66 views

CVE-2011-4539

dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.

5CVSS6.2AI score0.34285EPSS

CVE•added 2012/07/25 10:42 a.m.•55 views

CVE-2012-3954

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.

3.3CVSS6.3AI score0.06481EPSS

CVE•added 2011/01/31 9:0 p.m.•54 views

CVE-2011-0413

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

7.8CVSS6.3AI score0.11212EPSS