CVE-2012-3571

EPSS 22.14%
Published 25.07.2012 10:42:35
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

Affected products Warnungen 0 Metrics 2 CWE 1 References 16

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Dhcp Version4.1.2

Isc ≫ Dhcp Version4.2.0 Update-

Isc ≫ Dhcp Version4.2.0 Updatea1

Isc ≫ Dhcp Version4.2.0 Updatea2

Isc ≫ Dhcp Version4.2.0 Updateb1

Isc ≫ Dhcp Version4.2.0 Updateb2

Isc ≫ Dhcp Version4.2.0 Updatep1

Isc ≫ Dhcp Version4.2.0 Updaterc1

Isc ≫ Dhcp Version4.2.1 Update-

Isc ≫ Dhcp Version4.2.1 Updateb1

Isc ≫ Dhcp Version4.2.1 Updaterc1

Isc ≫ Dhcp Version4.2.2 Update-

Isc ≫ Dhcp Version4.2.2 Updateb1

Isc ≫ Dhcp Version4.2.2 Updaterc1

Isc ≫ Dhcp Version4.2.3 Update-

Isc ≫ Dhcp Version4.2.3 Updatep1

Isc ≫ Dhcp Version4.2.3 Updatep2

Isc ≫ Dhcp Version4.2.4

Isc ≫ Dhcp Version4.1-esv Update-

Isc ≫ Dhcp Version4.1-esv Updater1

Isc ≫ Dhcp Version4.1-esv Updater2

Isc ≫ Dhcp Version4.1-esv Updater3

Isc ≫ Dhcp Version4.1-esv Updater3_b1

Isc ≫ Dhcp Version4.1-esv Updater4

Isc ≫ Dhcp Version4.1-esv Updater5

Isc ≫ Dhcp Version4.1-esv Updater5_b1

Isc ≫ Dhcp Version4.1-esv Updater5_rc1

Isc ≫ Dhcp Version4.1-esv Updater5_rc2

Canonical ≫ Ubuntu Linux Version11.04

Canonical ≫ Ubuntu Linux Version11.10

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Debian ≫ Debian Linux Version6.0

Debian ≫ Debian Linux Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	22.14%	0.954

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.1	6.5	6.9	AV:A/AC:L/Au:N/C:N/I:N/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

Third Party Advisory

http://security.gentoo.org/glsa/glsa-201301-06.xml

Third Party Advisory

http://www.debian.org/security/2012/dsa-2519

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Third Party Advisory

http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html

Third Party Advisory

Mailing List

http://www.mandriva.com/security/advisories?name=MDVSA-2012:115