rpm package

opensuse/dhcp&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/dhcp&distro=openSUSE%20Tumbleweed

Vulnerabilities (23)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-2929		—	< 4.4.2.P1-11.1	4.4.2.P1-11.1	Oct 7, 2022	In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
CVE-2022-2928		—	< 4.4.2.P1-11.1	4.4.2.P1-11.1	Oct 7, 2022	In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field
CVE-2021-25217		—	< 4.4.2.P1-2.4	4.4.2.P1-2.4	May 26, 2021	In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect
CVE-2019-6470		—	< 4.4.2.P1-2.4	4.4.2.P1-2.4	Nov 1, 2019	There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing a
CVE-2018-5732		—	< 4.4.2.P1-2.4	4.4.2.P1-2.4	Oct 9, 2019	Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affe
CVE-2018-5733		—	< 4.4.2.P1-2.4	4.4.2.P1-2.4	Jan 16, 2019	A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
CVE-2017-3144		—	< 4.4.2.P1-2.4	4.4.2.P1-2.4	Jan 16, 2019	A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected bu
CVE-2015-8605	Med	6.5	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Jan 14, 2016	ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
CVE-2013-2266		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Mar 28, 2013	libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exha
CVE-2012-3955		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Sep 14, 2012	ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
CVE-2012-3954		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Jul 25, 2012	Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
CVE-2012-3571		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Jul 25, 2012	ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
CVE-2012-3570		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Jul 25, 2012	Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
CVE-2011-4868		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Jan 15, 2012	The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) vi
CVE-2011-4539		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Dec 8, 2011	dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
CVE-2011-2749		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Aug 15, 2011	The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
CVE-2011-2748		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Aug 15, 2011	The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
CVE-2011-0997		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Apr 8, 2011	dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is prov
CVE-2011-0413		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Jan 31, 2011	The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned add
CVE-2010-3616		—	< 4.3.3.P1-3.1	4.3.3.P1-3.1	Dec 17, 2010	ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrat

CVE-2022-2929Oct 7, 2022
affected < 4.4.2.P1-11.1fixed 4.4.2.P1-11.1
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
CVE-2022-2928Oct 7, 2022
affected < 4.4.2.P1-11.1fixed 4.4.2.P1-11.1
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field
CVE-2021-25217May 26, 2021
affected < 4.4.2.P1-2.4fixed 4.4.2.P1-2.4
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect
CVE-2019-6470Nov 1, 2019
affected < 4.4.2.P1-2.4fixed 4.4.2.P1-2.4
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing a
CVE-2018-5732Oct 9, 2019
affected < 4.4.2.P1-2.4fixed 4.4.2.P1-2.4
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affe
CVE-2018-5733Jan 16, 2019
affected < 4.4.2.P1-2.4fixed 4.4.2.P1-2.4
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
CVE-2017-3144Jan 16, 2019
affected < 4.4.2.P1-2.4fixed 4.4.2.P1-2.4
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected bu
CVE-2015-8605MedJan 14, 2016
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
CVE-2013-2266Mar 28, 2013
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exha
CVE-2012-3955Sep 14, 2012
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
CVE-2012-3954Jul 25, 2012
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
CVE-2012-3571Jul 25, 2012
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
CVE-2012-3570Jul 25, 2012
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
CVE-2011-4868Jan 15, 2012
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) vi
CVE-2011-4539Dec 8, 2011
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
CVE-2011-2749Aug 15, 2011
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
CVE-2011-2748Aug 15, 2011
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
CVE-2011-0997Apr 8, 2011
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is prov
CVE-2011-0413Jan 31, 2011
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned add
CVE-2010-3616Dec 17, 2010
affected < 4.3.3.P1-3.1fixed 4.3.3.P1-3.1
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrat

Page 1 of 2