5

CVE-2011-4539

dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscDhcp Version4.0
IscDhcp Version4.0.0
IscDhcp Version4.0.1 Update-
IscDhcp Version4.0.1 Updateb1
IscDhcp Version4.0.1 Updaterc1
IscDhcp Version4.0.2 Update-
IscDhcp Version4.0.2 Updateb1
IscDhcp Version4.0.2 Updateb2
IscDhcp Version4.0.2 Updateb3
IscDhcp Version4.0.2 Updaterc1
IscDhcp Version4.0.3 Update-
IscDhcp Version4.0.3 Updateb1
IscDhcp Version4.0.3 Updaterc1
IscDhcp Version4.1.1 Updateb3
IscDhcp Version4.1.1 Updaterc1
IscDhcp Version4.1.2
IscDhcp Version4.2.0 Update-
IscDhcp Version4.2.0 Updatea1
IscDhcp Version4.2.0 Updatea2
IscDhcp Version4.2.0 Updateb1
IscDhcp Version4.2.0 Updateb2
IscDhcp Version4.2.0 Updatep1
IscDhcp Version4.2.0 Updaterc1
IscDhcp Version4.2.1 Update-
IscDhcp Version4.2.1 Updateb1
IscDhcp Version4.2.1 Updaterc1
IscDhcp Version4.2.2 Update-
IscDhcp Version4.2.2 Updateb1
IscDhcp Version4.2.2 Updaterc1
IscDhcp Version4.2.3 Update-
IscDhcp Version4.1-esv Update-
IscDhcp Version4.1-esv Updater1
IscDhcp Version4.1-esv Updater2
IscDhcp Version4.1-esv Updater3
IscDhcp Version4.1-esv Updater3_b1
CanonicalUbuntu Linux Version11.04
CanonicalUbuntu Linux Version11.10
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 15.48% 0.964
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://security.gentoo.org/glsa/glsa-201301-06.xml
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070980.html
Third Party Advisory
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071549.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-updates/2011-12/msg00006.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/47153
Third Party Advisory
http://secunia.com/advisories/47178
Third Party Advisory
http://www.debian.org/security/2012/dsa-2519
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:182
Third Party Advisory
http://www.securityfocus.com/bid/50971
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1026393
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1309-1
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/71680
Third Party Advisory
VDB Entry
https://www.isc.org/software/dhcp/advisories/cve-2011-4539
Vendor Advisory