|
|||
Rule General Information |
---|
Release Date: | 2018-07-16 | |
Rule Name: | DOS ISC DHCP Server Zero Length Client ID Denial of Service Vulnerability (CVE-2010-2156) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID. | |
Impact: | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. | |
Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
Reference: | http://ftp.isc.org/isc/dhcp/dhcp-4.0.2-P1-RELNOTES http://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1-RELNOTES http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042843.html ExploitDB:14185 http://www.mandriva.com/security/advisories?name=MDVSA-2010:114 SecurityFocusBID:40775 SecurityTrackerID:1024093 https://exchange.xforce.ibmcloud.com/vulnerabilities/59222 |
|
Solutions |
---|
The vendor has issued a fix (4.0.2-P1, 4.1.1-P1).The fix will be included in the next beta release for 4.2.0.The vendor's advisory is available at: http://www.isc.org/software/dhcp/advisories/cve-2010-2156 |