VYPR

DHCP

by Isc

CVEs (38)

  • CVE-2007-0062Sep 21, 2007
    risk 0.01cvss epss 0.08

    Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build…

  • CVE-2004-1006Mar 1, 2005
    risk 0.01cvss epss 0.08

    Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.

  • CVE-2004-0461Aug 6, 2004
    risk 0.01cvss epss 0.17

    The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that…

  • CVE-2003-0039Feb 7, 2003
    risk 0.01cvss epss 0.08

    ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.

  • CVE-2022-2929Oct 7, 2022
    risk 0.00cvss epss 0.01

    In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

  • CVE-2022-2928Oct 7, 2022
    risk 0.00cvss epss 0.01

    In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount…

  • CVE-2021-25217May 26, 2021
    risk 0.00cvss epss 0.06

    In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the…

  • CVE-2012-2248Nov 27, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.

  • CVE-2019-6470Nov 1, 2019
    risk 0.00cvss epss 0.09

    There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing…

  • CVE-2018-5732Oct 9, 2019
    risk 0.00cvss epss 0.05

    Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.…

  • CVE-2018-5739Jan 16, 2019
    risk 0.00cvss epss 0.02

    An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. In order to support multiple requests simultaneously, Kea 1.4 added a callout handle store but unfortunately the initial…

  • CVE-2013-2494Mar 28, 2013
    risk 0.00cvss epss 0.01

    libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to…

  • CVE-2012-3954Jul 25, 2012
    risk 0.00cvss epss 0.04

    Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.

  • CVE-2012-3570Jul 25, 2012
    risk 0.00cvss epss 0.03

    Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.

  • CVE-2011-4868Jan 15, 2012
    risk 0.00cvss epss 0.04

    The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)…

  • CVE-2009-1893Jul 17, 2009
    risk 0.00cvss epss 0.01

    The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.

  • CVE-2006-3122Aug 9, 2006
    risk 0.00cvss epss 0.04

    The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes…

  • CVE-1999-0808Dec 31, 1999
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.

Page 2 of 2