|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-10-28 | |
| Rule Name: | ISC DHCP Server DHCPv6 NULL Pointer Dereference Vulnerability (CVE-2011-4868) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://security.gentoo.org/glsa/glsa-201301-06.xml https://deepthought.isc.org/article/AA-00595 https://kb.isc.org/article/AA-00705 https://www.isc.org/software/dhcp/advisories/cve-2011-4868 |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.isc.org/software/dhcp/advisories/cve-2011-4868 |