7.8

CVE-2011-0413

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscDhcp Version4.0
IscDhcp Version4.0.0
IscDhcp Version4.0.1 Update-
IscDhcp Version4.0.1 Updateb1
IscDhcp Version4.0.1 Updaterc1
IscDhcp Version4.0.2 Update-
IscDhcp Version4.0.2 Updateb1
IscDhcp Version4.0.2 Updateb2
IscDhcp Version4.0.2 Updateb3
IscDhcp Version4.0.2 Updaterc1
IscDhcp Version4.0.3 Update-
IscDhcp Version4.0.3 Updateb1
IscDhcp Version4.0.3 Updaterc1
IscDhcp Version4.1.0 Update-
IscDhcp Version4.1.1 Update-
IscDhcp Version4.1.1 Updateb1
IscDhcp Version4.1.1 Updateb2
IscDhcp Version4.1.1 Updateb3
IscDhcp Version4.1.1 Updaterc1
IscDhcp Version4.1.2 Update-
IscDhcp Version4.0-esv
IscDhcp Version4.1-esv Update-
IscDhcp Version4.2.0 Update-
IscDhcp Version4.2.0 Updatea1
IscDhcp Version4.2.0 Updatea2
IscDhcp Version4.2.0 Updateb1
IscDhcp Version4.2.0 Updateb2
IscDhcp Version4.2.0 Updatep1
IscDhcp Version4.2.0 Updaterc1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.21% 0.928
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://securitytracker.com/id?1024999
Third Party Advisory
VDB Entry
http://www.kb.cert.org/vuls/id/686084
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/46035
Third Party Advisory
VDB Entry