|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-07-16 | |
| Rule Name: | DOS ISC DHCP Server Zero Length Client ID Denial of Service Vulnerability (CVE-2010-2156) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID. | |
| Impact: | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. | |
| Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
| Reference: | http://ftp.isc.org/isc/dhcp/dhcp-4.0.2-P1-RELNOTES http://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1-RELNOTES http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042843.html ExploitDB:14185 http://www.mandriva.com/security/advisories?name=MDVSA-2010:114 SecurityFocusBID:40775 SecurityTrackerID:1024093 https://exchange.xforce.ibmcloud.com/vulnerabilities/59222 |
|
| Solutions |
|---|
| The vendor has issued a fix (4.0.2-P1, 4.1.1-P1).The fix will be included in the next beta release for 4.2.0.The vendor's advisory is available at: http://www.isc.org/software/dhcp/advisories/cve-2010-2156 |