Unrated severityNVD Advisory· Published Sep 14, 2012· Updated Apr 29, 2026
CVE-2012-3955
CVE-2012-3955
Description
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
Affected products
31cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r4:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r5:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r6:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.0:a2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.2:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.2:rc1:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-09/msg00088.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-09/msg00103.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-09/msg00105.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-0504.htmlnvdThird Party Advisory
- secunia.com/advisories/51318nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201301-06.xmlnvdThird Party Advisory
- www.debian.org/security/2012/dsa-2551nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.securityfocus.com/bid/55530nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1571-1nvdThird Party Advisory
- blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_ofnvdThird Party Advisory
- kb.isc.org/article/AA-00779nvdVendor Advisory
News mentions
0No linked articles in our index yet.