Unrated severityNVD Advisory· Published Dec 8, 2011· Updated Apr 29, 2026
CVE-2011-4539
CVE-2011-4539
Description
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
Affected products
39cpe:2.3:a:isc:dhcp:4.0:*:*:*:*:*:*:*+ 34 more
- cpe:2.3:a:isc:dhcp:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.3:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.3:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.2:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.3:-:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.fedoraproject.org/pipermail/package-announce/2011-December/070980.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2012-January/071549.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2011-12/msg00006.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/47153nvdThird Party Advisory
- secunia.com/advisories/47178nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201301-06.xmlnvdThird Party Advisory
- www.debian.org/security/2012/dsa-2519nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.securityfocus.com/bid/50971nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1309-1nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/71680nvdThird Party AdvisoryVDB Entry
- www.isc.org/software/dhcp/advisories/cve-2011-4539nvdVendor Advisory
News mentions
0No linked articles in our index yet.