PT-2011-1026 · Isc+1 · Dhcp+5

Vincent Danen · Published 2011-08-15 · Updated 2024-06-15 · CVE-2011-2748

CVSS v2.0: 7.8 High

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

dhcp versions 3.0.5 through 4.2.2
dhcp versions prior to 4.2.4 p2
dhcp-3.0.5
dhcp-3.x
dhcp-4.x
dhclient-3.0.5
dhcp-devel-3.0.5
libdhcp4client-3.0.5
libdhcp4client-devel-3.0.5

Description

Multiple vulnerabilities in the dhcp package can lead to a denial of service (daemon exit) via a crafted DHCP packet. The vulnerabilities can be exploited remotely, potentially disrupting the availability of protected information.

Recommendations

For dhcp versions 3.0.5 through 4.2.2, update to version 4.2.2 or later.
For dhcp versions prior to 4.2.4 p2, update to version 4.2.4 p2 or later.
For dhcp-3.0.5, dhcp-3.x, dhcp-4.x, dhclient-3.0.5, dhcp-devel-3.0.5, libdhcp4client-3.0.5, and libdhcp4client-devel-3.0.5, update to a version that is not affected by the vulnerabilities.
As a temporary workaround, consider restricting access to the vulnerable dhcp service until a patch is available.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

BDU:2015-02018
BDU:2015-06085
BDU:2015-06087
BDU:2015-06090
BDU:2015-06112
BDU:2015-06113
BDU:2015-08760
BDU:2015-08761
BDU:2015-08762
BDU:2015-08763
BDU:2015-09699
CVE-2011-2748
DSA-2292-1
OPENSUSE-SU-2024:10358-1
RHSA-2011:1160
RHSA-2011_1160

Affected Products

Red Hat
Dhclient
Dhcp
Dhcp-Devel
Libdhcp4Client
Libdhcp4Client-Devel