Vulnerabilities > ISC > Dhcp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-2928 | NULL Pointer Dereference vulnerability in multiple products In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. | 6.5 |
| 2022-10-07 | CVE-2022-2929 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory. | 6.5 |
| 2021-05-26 | CVE-2021-25217 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. | 7.4 |
| 2019-10-09 | CVE-2018-5732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ISC Dhcp Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. | 5.0 |
| 2019-01-16 | CVE-2018-5733 | Integer Overflow or Wraparound vulnerability in multiple products A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. | 5.0 |
| 2019-01-16 | CVE-2017-3144 | Resource Exhaustion vulnerability in multiple products A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. | 5.0 |
| 2016-03-09 | CVE-2016-2774 | Improper Input Validation vulnerability in multiple products ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. | 7.1 |
| 2016-01-14 | CVE-2015-8605 | Improper Input Validation vulnerability in multiple products ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. | 5.7 |
| 2013-03-28 | CVE-2013-2494 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in ISC Dhcp libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266. | 4.9 |
| 2012-09-14 | CVE-2012-3955 | Denial of Service vulnerability in ISC DHCP IPv6 Lease Expiration Handling ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. | 7.1 |