Vulnerabilities > ISC > Dhcp > 4.1.2

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2018-5732 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ISC Dhcp
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.
network
low complexity
isc CWE-119
7.5
7.5
2016-03-09 CVE-2016-2774 Improper Input Validation vulnerability in multiple products
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
network
high complexity
isc debian canonical CWE-20
5.9
5.9
2016-01-14 CVE-2015-8605 Improper Input Validation vulnerability in multiple products
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
low complexity
sophos isc debian canonical CWE-20
6.5
6.5