PT-2012-1169 · Isc+3 · Isc Dhcp+3

Glen Eustace

Published

2012-09-14

Updated

2024-06-15

CVE-2012-3955

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ISC DHCP versions 4.1.x through 4.1-ESV-R6 ISC DHCP versions 4.2.x through 4.2.4-P1

Description The issue allows remote attackers to cause a denial of service, potentially disrupting the availability of protected information. This can be achieved by establishing an IPv6 lease in an environment where the lease expiration time is later reduced, leading to opportunistic circumstances that may cause the daemon to crash.

Recommendations For ISC DHCP versions 4.1.x through 4.1-ESV-R6, update to version 4.1-ESV-R7 or later. For ISC DHCP versions 4.2.x through 4.2.4-P1, update to version 4.2.4-P2 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2015-09699

CESA-2013_0504

CVE-2012-3955

DSA-2551-1

OPENSUSE-SU-2024:10358-1

RHSA-2013:0504

RHSA-2013_0504

SUSE-SU-2012_1327-1

Affected Products

Centos

Isc Dhcp

Red Hat

Suse

PT-2012-1169 · Isc+3 · Isc Dhcp+3

CVE-2012-3955

Weakness Enumeration

Related Identifiers

Affected Products

References · 56