Denial of Service Vulnerability in ISC DHCP by Internet Systems Consortium
CVE-2011-4539

Currently unrated

Key Information:

Vendor

Isc
Status
Dhcp
Vendor
CVE Published:
8 December 2011

What is CVE-2011-4539?

The ISC DHCP server, particularly versions prior to 4.2.3-P1 and 4.1-ESV-R4, fails to adequately process regular expressions present in the dhcpd.conf configuration file. This flaw can be exploited by attackers who send specially crafted request packets, leading to an unexpected crash of the DHCP daemon. As a result, this vulnerability could interrupt essential network services, impacting system availability.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/47153
third-party-advisoryx_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.