7.8

CVE-2011-2748

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscDhcp Version3.0
IscDhcp Version3.0.1 Update-
IscDhcp Version3.0.1 Updaterc1
IscDhcp Version3.0.1 Updaterc10
IscDhcp Version3.0.1 Updaterc11
IscDhcp Version3.0.1 Updaterc12
IscDhcp Version3.0.1 Updaterc13
IscDhcp Version3.0.1 Updaterc14
IscDhcp Version3.0.1 Updaterc2
IscDhcp Version3.0.1 Updaterc5
IscDhcp Version3.0.1 Updaterc6
IscDhcp Version3.0.1 Updaterc7
IscDhcp Version3.0.1 Updaterc8
IscDhcp Version3.0.1 Updaterc9
IscDhcp Version3.0.2 Update-
IscDhcp Version3.0.2 Updateb1
IscDhcp Version3.0.2 Updaterc1
IscDhcp Version3.0.2 Updaterc2
IscDhcp Version3.0.2 Updaterc3
IscDhcp Version3.0.3 Updateb1
IscDhcp Version3.0.3 Updateb2
IscDhcp Version3.0.3 Updateb3
IscDhcp Version3.0.4 Update-
IscDhcp Version3.0.4 Updateb1
IscDhcp Version3.0.4 Updateb2
IscDhcp Version3.0.4 Updateb3
IscDhcp Version3.0.4 Updaterc1
IscDhcp Version3.0.5 Update-
IscDhcp Version3.0.5 Updaterc1
IscDhcp Version3.0.6 Updaterc1
IscDhcp Version3.1
IscDhcp Version3.1-esv
IscDhcp Version3.1.0 Update-
IscDhcp Version3.1.0 Updatea1
IscDhcp Version3.1.0 Updatea2
IscDhcp Version3.1.0 Updatea3
IscDhcp Version3.1.0 Updateb1
IscDhcp Version3.1.0 Updateb2
IscDhcp Version3.1.0 Updaterc1
IscDhcp Version3.1.1 Update-
IscDhcp Version3.1.1 Updaterc1
IscDhcp Version3.1.1 Updaterc2
IscDhcp Version3.1.2 Update-
IscDhcp Version3.1.2 Updateb1
IscDhcp Version3.1.2 Updaterc1
IscDhcp Version3.1.3 Update-
IscDhcp Version3.1.3 Updateb1
IscDhcp Version3.1.3 Updaterc1
IscDhcp Version4.0
IscDhcp Version4.0-esv
IscDhcp Version4.0.0
IscDhcp Version4.0.1 Update-
IscDhcp Version4.0.1 Updateb1
IscDhcp Version4.0.1 Updaterc1
IscDhcp Version4.0.2 Update-
IscDhcp Version4.0.2 Updateb1
IscDhcp Version4.0.2 Updateb2
IscDhcp Version4.0.2 Updateb3
IscDhcp Version4.0.2 Updaterc1
IscDhcp Version4.0.3 Update-
IscDhcp Version4.0.3 Updateb1
IscDhcp Version4.0.3 Updaterc1
IscDhcp Version4.1-esv Update-
IscDhcp Version4.1-esv Updater1
IscDhcp Version4.1-esv Updater2
IscDhcp Version4.1-esv Updater3
IscDhcp Version4.1-esv Updater3_b1
IscDhcp Version4.1-esv Updaterc1
IscDhcp Version4.1.0
IscDhcp Version4.1.1 Update-
IscDhcp Version4.1.1 Updateb1
IscDhcp Version4.1.1 Updateb2
IscDhcp Version4.1.1 Updateb3
IscDhcp Version4.1.1 Updaterc1
IscDhcp Version4.1.2
IscDhcp Version4.2.0 Update-
IscDhcp Version4.2.0 Updatea1
IscDhcp Version4.2.0 Updatea2
IscDhcp Version4.2.0 Updateb1
IscDhcp Version4.2.0 Updateb2
IscDhcp Version4.2.0 Updatep1
IscDhcp Version4.2.0 Updaterc1
IscDhcp Version4.2.1 Update-
IscDhcp Version4.2.1 Updateb1
IscDhcp Version4.2.1 Updaterc1
CanonicalUbuntu Linux Version8.04 SwEditionlts
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version10.10
CanonicalUbuntu Linux Version11.04
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 38.78% 0.984
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201301-06.xml
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065176.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2011-09/msg00014.html
Third Party Advisory
Mailing List
http://redmine.pfsense.org/issues/1888
Third Party Advisory
http://secunia.com/advisories/45582
Third Party Advisory
http://secunia.com/advisories/45595
Third Party Advisory
http://secunia.com/advisories/45629
Third Party Advisory
http://secunia.com/advisories/45639
Third Party Advisory
http://secunia.com/advisories/45817
Third Party Advisory
http://secunia.com/advisories/45918
Third Party Advisory
http://secunia.com/advisories/46780
Third Party Advisory
http://securitytracker.com/id?1025918
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2292
Third Party Advisory
http://www.isc.org/files/release-notes/DHCP%203.1-ESV-R3_0.html
Vendor Advisory
http://www.isc.org/files/release-notes/DHCP%204.1-ESV-R3.html
Vendor Advisory
http://www.isc.org/files/release-notes/DHCP%204.2.2_0.html
Vendor Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-2748
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:128
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1160.html
Third Party Advisory
http://www.securityfocus.com/bid/49120
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1190-1
Third Party Advisory
https://bugzilla.redhat.com/attachment.cgi?id=517665&action=diff
Third Party Advisory
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=729382
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/69139
Third Party Advisory
VDB Entry
https://hermes.opensuse.org/messages/11695711
Third Party Advisory