7.8

CVE-2011-2748

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscDhcp Version3.0
IscDhcp Version3.0.1 Update-
IscDhcp Version3.0.1 Updaterc1
IscDhcp Version3.0.1 Updaterc10
IscDhcp Version3.0.1 Updaterc11
IscDhcp Version3.0.1 Updaterc12
IscDhcp Version3.0.1 Updaterc13
IscDhcp Version3.0.1 Updaterc14
IscDhcp Version3.0.1 Updaterc2
IscDhcp Version3.0.1 Updaterc5
IscDhcp Version3.0.1 Updaterc6
IscDhcp Version3.0.1 Updaterc7
IscDhcp Version3.0.1 Updaterc8
IscDhcp Version3.0.1 Updaterc9
IscDhcp Version3.0.2 Update-
IscDhcp Version3.0.2 Updateb1
IscDhcp Version3.0.2 Updaterc1
IscDhcp Version3.0.2 Updaterc2
IscDhcp Version3.0.2 Updaterc3
IscDhcp Version3.0.3 Updateb1
IscDhcp Version3.0.3 Updateb2
IscDhcp Version3.0.3 Updateb3
IscDhcp Version3.0.4 Update-
IscDhcp Version3.0.4 Updateb1
IscDhcp Version3.0.4 Updateb2
IscDhcp Version3.0.4 Updateb3
IscDhcp Version3.0.4 Updaterc1
IscDhcp Version3.0.5 Update-
IscDhcp Version3.0.5 Updaterc1
IscDhcp Version3.0.6 Updaterc1
IscDhcp Version3.1
IscDhcp Version3.1-esv
IscDhcp Version3.1.0 Update-
IscDhcp Version3.1.0 Updatea1
IscDhcp Version3.1.0 Updatea2
IscDhcp Version3.1.0 Updatea3
IscDhcp Version3.1.0 Updateb1
IscDhcp Version3.1.0 Updateb2
IscDhcp Version3.1.0 Updaterc1
IscDhcp Version3.1.1 Update-
IscDhcp Version3.1.1 Updaterc1
IscDhcp Version3.1.1 Updaterc2
IscDhcp Version3.1.2 Update-
IscDhcp Version3.1.2 Updateb1
IscDhcp Version3.1.2 Updaterc1
IscDhcp Version3.1.3 Update-
IscDhcp Version3.1.3 Updateb1
IscDhcp Version3.1.3 Updaterc1
IscDhcp Version4.0
IscDhcp Version4.0-esv
IscDhcp Version4.0.0
IscDhcp Version4.0.1 Update-
IscDhcp Version4.0.1 Updateb1
IscDhcp Version4.0.1 Updaterc1
IscDhcp Version4.0.2 Update-
IscDhcp Version4.0.2 Updateb1
IscDhcp Version4.0.2 Updateb2
IscDhcp Version4.0.2 Updateb3
IscDhcp Version4.0.2 Updaterc1
IscDhcp Version4.0.3 Update-
IscDhcp Version4.0.3 Updateb1
IscDhcp Version4.0.3 Updaterc1
IscDhcp Version4.1-esv Update-
IscDhcp Version4.1-esv Updater1
IscDhcp Version4.1-esv Updater2
IscDhcp Version4.1-esv Updater3
IscDhcp Version4.1-esv Updater3_b1
IscDhcp Version4.1-esv Updaterc1
IscDhcp Version4.1.0
IscDhcp Version4.1.1 Update-
IscDhcp Version4.1.1 Updateb1
IscDhcp Version4.1.1 Updateb2
IscDhcp Version4.1.1 Updateb3
IscDhcp Version4.1.1 Updaterc1
IscDhcp Version4.1.2
IscDhcp Version4.2.0 Update-
IscDhcp Version4.2.0 Updatea1
IscDhcp Version4.2.0 Updatea2
IscDhcp Version4.2.0 Updateb1
IscDhcp Version4.2.0 Updateb2
IscDhcp Version4.2.0 Updatep1
IscDhcp Version4.2.0 Updaterc1
IscDhcp Version4.2.1 Update-
IscDhcp Version4.2.1 Updateb1
IscDhcp Version4.2.1 Updaterc1
CanonicalUbuntu Linux Version8.04 SwEditionlts
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version10.10
CanonicalUbuntu Linux Version11.04
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 87.79% 0.994
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://securitytracker.com/id?1025918
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/49120
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=729382
Third Party Advisory
Issue Tracking