7.8

CVE-2011-0413

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscDhcp Version4.0
IscDhcp Version4.0.0
IscDhcp Version4.0.1 Update-
IscDhcp Version4.0.1 Updateb1
IscDhcp Version4.0.1 Updaterc1
IscDhcp Version4.0.2 Update-
IscDhcp Version4.0.2 Updateb1
IscDhcp Version4.0.2 Updateb2
IscDhcp Version4.0.2 Updateb3
IscDhcp Version4.0.2 Updaterc1
IscDhcp Version4.0.3 Update-
IscDhcp Version4.0.3 Updateb1
IscDhcp Version4.0.3 Updaterc1
IscDhcp Version4.1.0 Update-
IscDhcp Version4.1.1 Update-
IscDhcp Version4.1.1 Updateb1
IscDhcp Version4.1.1 Updateb2
IscDhcp Version4.1.1 Updateb3
IscDhcp Version4.1.1 Updaterc1
IscDhcp Version4.1.2 Update-
IscDhcp Version4.0-esv
IscDhcp Version4.1-esv Update-
IscDhcp Version4.2.0 Update-
IscDhcp Version4.2.0 Updatea1
IscDhcp Version4.2.0 Updatea2
IscDhcp Version4.2.0 Updateb1
IscDhcp Version4.2.0 Updateb2
IscDhcp Version4.2.0 Updatep1
IscDhcp Version4.2.0 Updaterc1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 32.75% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Third Party Advisory
http://secunia.com/advisories/43006
Third Party Advisory
http://secunia.com/advisories/43104
Third Party Advisory
http://secunia.com/advisories/43167
Third Party Advisory
http://secunia.com/advisories/43354
Third Party Advisory
http://secunia.com/advisories/43613
Third Party Advisory
http://securitytracker.com/id?1024999
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2184
Third Party Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Vendor Advisory
http://www.kb.cert.org/vuls/id/686084
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Third Party Advisory
http://www.osvdb.org/70680
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0256.html
Third Party Advisory
http://www.securityfocus.com/bid/46035
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0235
Permissions Required
http://www.vupen.com/english/advisories/2011/0266
Permissions Required
http://www.vupen.com/english/advisories/2011/0300
Permissions Required
http://www.vupen.com/english/advisories/2011/0400
Permissions Required
http://www.vupen.com/english/advisories/2011/0583
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Third Party Advisory
VDB Entry
https://kb.isc.org/article/AA-00456
Vendor Advisory