Remote Denial of Service in ISC DHCP Products
CVE-2009-1892

Currently unrated

Key Information:

Vendor

Isc
Status
Dhcp
Vendor
CVE Published:
17 July 2009

What is CVE-2009-1892?

A vulnerability exists in the ISC DHCP daemon, specifically in versions 3.0.4 and 3.1.1, where the simultaneous use of 'dhcp-client-identifier' and 'hardware ethernet' settings can be exploited. Remote attackers can send specially crafted requests that trigger a denial of service condition, causing the daemon to crash and interrupting DHCP services.

References

http://secunia.com/advisories/35830
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/51717
vdb-entryx_refsource_XF
https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.