PT-2016-3931 · Isc+3 · Isc Dhcp+3

Sebastian Poehn

Published

2016-01-12

Updated

2024-06-15

CVE-2015-8605

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ISC DHCP versions 4.1-ESV-R11 and earlier, 4.2.x, and 4.3.x before 4.3.3-P1 ISC DHCP version 4.3.3-P1 and later are not affected, but since only vulnerable versions are listed, the above line is the final version.

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending an invalid length field in a UDP IPv4 packet.

Recommendations For ISC DHCP versions 4.1-ESV-R11 and earlier, update to version 4.1-ESV-R12-P1 or later. For ISC DHCP versions 4.2.x, update to version 4.3.3-P1 or later. For ISC DHCP versions 4.3.x before 4.3.3-P1, update to version 4.3.3-P1 or later.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2017-2138

CVE-2015-8605

DLA-385-1

DLA-385-2

DSA-3442-1

MGASA-2016-0028

OPENSUSE-SU-2024:10358-1

SUSE-SU-2016:0481-1

SUSE-SU-2016:0540-1

SUSE-SU-2016:0541-1

SUSE-SU-2016_0481-1

SUSE-SU-2016_0540-1

SUSE-SU-2016_0541-1

USN-2868-1

Affected Products

Alt Linux

Isc Dhcp

Suse

Ubuntu

PT-2016-3931 · Isc+3 · Isc Dhcp+3

CVE-2015-8605

Weakness Enumeration

Related Identifiers

Affected Products

References · 76