7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
ISC DHCP is vulnerable to integer overflows. A malicious DHCP client with local access could send large amounts of traffic to trigger a reference count overflow on the server side, potentially causing dhcpd to crash.
www.securityfocus.com/bid/103188
www.securitytracker.com/id/1040437
access.redhat.com/errata/RHSA-2018:0469
access.redhat.com/errata/RHSA-2018:0483
access.redhat.com/security/updates/classification/#important
kb.isc.org/article/AA-01565
kb.isc.org/article/AA-01567
kb.isc.org/docs/aa-01567
lists.debian.org/debian-lts-announce/2018/03/msg00015.html
usn.ubuntu.com/3586-1/
usn.ubuntu.com/3586-2/
www.debian.org/security/2018/dsa-4133
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P