U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
  • CPE Name Search: true
There are 13 matching records.
Displaying matches 1 through 13.
Vuln ID Summary CVSS Severity
CVE-2018-5732

Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0

Published: October 09, 2019; 12:15:13 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-5733

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.

Published: January 16, 2019; 3:29:00 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-3144

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.

Published: January 16, 2019; 3:29:00 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-2774

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.

Published: March 09, 2016; 10:59:00 AM -0500
V3.1: 5.9 MEDIUM
V2.0: 7.1 HIGH
CVE-2015-8605

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

Published: January 14, 2016; 5:59:00 PM -0500
V3.0: 6.5 MEDIUM
V2.0: 5.7 MEDIUM
CVE-2012-3955

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.

Published: September 14, 2012; 6:33:21 AM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2012-3954

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.

Published: July 25, 2012; 6:42:35 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-3571

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

Published: July 25, 2012; 6:42:35 AM -0400
V3.x:(not available)
V2.0: 6.1 MEDIUM
CVE-2011-4539

dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.

Published: December 08, 2011; 6:55:02 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-2749

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.

Published: August 15, 2011; 5:55:02 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2011-2748

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

Published: August 15, 2011; 5:55:02 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2011-0997

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.

Published: April 08, 2011; 11:17:27 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0413

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

Published: January 31, 2011; 4:00:18 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH