ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C
Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Isc
  • Dhcp

Configuration 1 [-]

OR cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r4:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r5:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r6:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.0:a1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.0:a2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.0:b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.2:b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.2:p1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1.2:rc1:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0504.html Third Party Advisory
http://secunia.com/advisories/51318 Third Party Advisory
http://security.gentoo.org/glsa/glsa-201301-06.xml Third Party Advisory
http://www.debian.org/security/2012/dsa-2551 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 Third Party Advisory
http://www.securityfocus.com/bid/55530 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1027528 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1571-1 Third Party Advisory
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of Third Party Advisory
https://kb.isc.org/article/AA-00779 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2012-09-14T10:00:00

Updated: 2012-09-29T09:00:00

Reserved: 2012-07-11T00:00:00

Link: CVE-2012-3955

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2012-09-14T10:33:21.307

Modified: 2020-01-08T17:16:40.980

Link: CVE-2012-3955

JSON object: View

cve-icon Redhat Information

No data.

CWE