Vulnerabilities > ISC > Dhcp > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2018-5732 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ISC Dhcp
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.
network
low complexity
isc CWE-119
7.5
2019-01-16 CVE-2018-5733 Integer Overflow or Wraparound vulnerability in multiple products
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.
network
low complexity
isc redhat canonical debian CWE-190
7.5
2019-01-16 CVE-2017-3144 Resource Exhaustion vulnerability in multiple products
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server.
network
low complexity
isc redhat canonical debian CWE-400
7.5