PT-2011-1027 · Isc+1 · Isc Dhcp+1

Vincent Danen

Published

2011-08-15

Updated

2024-06-15

CVE-2011-2749

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ISC DHCP versions 3.x through 4.2.2 ISC DHCP 3.1-ESV versions prior to 3.1-ESV-R3 ISC DHCP 4.1-ESV versions prior to 4.1-ESV-R3 dhcp package versions prior to 4.2.4 p2

Description The server allows remote attackers to cause a denial of service via a crafted BOOTP packet. Multiple vulnerabilities in the dhcp package can lead to disruption of protected information availability. These vulnerabilities can be exploited remotely.

Recommendations For ISC DHCP versions 3.x through 4.2.2, update to version 4.2.2 or later. For ISC DHCP 3.1-ESV versions prior to 3.1-ESV-R3, update to version 3.1-ESV-R3 or later. For ISC DHCP 4.1-ESV versions prior to 4.1-ESV-R3, update to version 4.1-ESV-R3 or later. For dhcp package versions prior to 4.2.4 p2, update to version 4.2.4 p2 or later.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2015-02018

BDU:2015-06085

BDU:2015-06087

BDU:2015-06090

BDU:2015-06112

BDU:2015-06113

BDU:2015-08760

BDU:2015-08761

BDU:2015-08762

BDU:2015-08763

BDU:2015-09699

CVE-2011-2749

DSA-2292-1

OPENSUSE-SU-2024:10358-1

RHSA-2011:1160

RHSA-2011_1160

Affected Products

Isc Dhcp

Red Hat

PT-2011-1027 · Isc+1 · Isc Dhcp+1

CVE-2011-2749

Weakness Enumeration

Related Identifiers

Affected Products

References · 65