Denial of Service in ISC DHCP by Malformed Client Identifier
CVE-2012-3571

Currently unrated

Key Information:

Vendor

Isc
Status
Dhcp
Vendor
CVE Published:
25 July 2012

What is CVE-2012-3571?

The ISC DHCP versions 4.1.2 to 4.2.4 and pre-4.1-ESV versions are susceptible to a Denial of Service due to the handling of malformed client identifiers. Attackers could exploit this vulnerability to induce an infinite loop within the DHCP service, leading to excessive CPU consumption. As a result, legitimate client requests might be denied processing, severely impacting network availability and functionality.

References

http://www.oracle.com/technetwork/topics/security/ovmbull...
x_refsource_CONFIRM
https://kb.isc.org/article/AA-00712
x_refsource_CONFIRM
http://www.debian.org/security/2012/dsa-2516
vendor-advisoryx_refsource_DEBIAN

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.