CVE-2006-3122

Currently unrated

Key Information:

Vendor: Isc
Status: Dhcpd
Vendor: CVE Published:; 9 August 2006

Summary

The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380273

x_refsource_MISC

http://www.debian.org/security/2006/dsa-1143

vendor-advisoryx_refsource_DEBIAN

http://www.vupen.com/english/advisories/2006/3158

vdb-entryx_refsource_VUPEN

EPSS Score

86% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 9, 2006
Vulnerability Reserved
Jun 21, 2006