Vulnerabilities > ISC > Dhcp > 4.1.esv

DATE CVE VULNERABILITY TITLE RISK
2012-07-25 CVE-2012-3571 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
low complexity
isc canonical debian CWE-119
6.1
6.1
2011-12-08 CVE-2011-4539 Improper Input Validation vulnerability in multiple products
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
network
low complexity
isc canonical debian CWE-20
5.0
5.0
2011-08-15 CVE-2011-2749 Improper Input Validation vulnerability in multiple products
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
network
low complexity
isc debian canonical CWE-20
7.8
7.8
2011-08-15 CVE-2011-2748 Improper Input Validation vulnerability in multiple products
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
network
low complexity
isc canonical debian CWE-20
7.8
7.8
2011-04-08 CVE-2011-0997 Improper Input Validation vulnerability in multiple products
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
network
low complexity
isc debian canonical CWE-20
7.5
7.5
2011-01-31 CVE-2011-0413 Improper Input Validation vulnerability in ISC Dhcp
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
network
low complexity
isc CWE-20
7.8
7.8