Gentoo Linux Security Advisory 201301-6 - Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service. Versions less than 4.2.4_p2 are affected.
ac6c1cdcdb260a60ea33f01cd8f575d6
Debian Linux Security Advisory 2519-2 - It was discovered that the recent update for isc-dhcp, did not contain the patched code included in the source package. Due to quirk in the build system those patches were deapplied during the build process.
c5916597a21533fdfb1e3245d73547d0
Debian Linux Security Advisory 2519-1 - Several security vulnerabilities affecting ISC dhcpd, a server for automatic IP address assignment, have been discovered. Additionally, the latest security update for isc-dhcp, DSA-2516-1, did not properly apply the patches for CVE-2012-3571 and CVE-2012-3954. This has been addressed in this additional update.
9809d9fb5ab7de7ca4c84c1abd546a24
Ubuntu Security Notice 1309-1 - It was discovered that the DHCP server incorrectly handled certain malformed packets when configured to evaluate regular expressions. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service.
8d3eee6d25b377c0ca792ccbd4565636
Red Hat Security Advisory 2011-1819-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A denial of service flaw was found in the way the dhcpd daemon handled DHCP request packets when regular expression matching was used in "/etc/dhcp/dhcpd.conf". A remote attacker could use this flaw to crash dhcpd. Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically.
1fb1f1180f22c2433e9e56ee0633281f
Mandriva Linux Security Advisory 2011-182 - dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service via a crafted request packet. The updated packages have been patched to correct this issue.
02e671a603aea3de4daba7a8e7064881