CVE-2012-3570

Related Files

Gentoo Linux Security Advisory 201301-06

Posted Jan 9, 2013

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201301-6 - Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service. Versions less than 4.2.4_p2 are affected.

tags | advisory, remote, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2011-0997, CVE-2011-2748, CVE-2011-2749, CVE-2011-4539, CVE-2011-4868, CVE-2012-3570, CVE-2012-3571, CVE-2012-3954, CVE-2012-3955

SHA-256 | 52ff96ed35904c6394d9f7d674251ad0c4071daa8bc2b1b6ef5a6f6de136a80b

Download | Favorite | View

Mandriva Linux Security Advisory 2012-115

Posted Jul 27, 2012

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-115 - An unexpected client identifier parameter can cause the ISC DHCP daemon to segmentation fault when running in DHCPv6 mode, resulting in a denial of service to further client requests. In order to exploit this condition, an attacker must be able to send requests to the DHCP server. An error in the handling of malformed client identifiers can cause a DHCP server running affected versions to enter a state where further client requests are not processed and the server process loops endlessly, consuming all available CPU cycles. Under normal circumstances this condition should not be triggered, but a non-conforming or malicious client could deliberately trigger it in a vulnerable server. In order to exploit this condition an attacker must be able to send requests to the DHCP server. Two memory leaks have been found and fixed in ISC DHCP. The updated packages have been upgraded to the latest version which is not affected by these issues.

tags | advisory, denial of service, memory leak

systems | linux, mandriva

advisories | CVE-2012-3570, CVE-2012-3571, CVE-2012-3954

SHA-256 | a3724f3805b0b02ba67820a614a721acf82fab981a7946ece56835acdc445a6d

Download | Favorite | View