Red Hat Security Advisory 2013-0504-02 - The dhcp packages provide the Dynamic Host Configuration Protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash.
0fa284dfd579b540666e5e24e644a8ab74c7d57e9707eaf293d4f52a0f39ec7fGentoo Linux Security Advisory 201301-6 - Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service. Versions less than 4.2.4_p2 are affected.
52ff96ed35904c6394d9f7d674251ad0c4071daa8bc2b1b6ef5a6f6de136a80bMandriva Linux Security Advisory 2012-153 - ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. The updated packages have been patched to correct this issue.
4f56142c97f654375514ad63bec348cf7fcda3463f1302a10bbd3b3b4d0e920bDebian Linux Security Advisory 2551-1 - Glen Eustace discovered that the ISC DHCP server, a server for automatic IP address assignment, is not properly handling changes in the expiration times of a lease. An attacker may use this flaw to crash the service and cause denial of service conditions, by reducing the expiration time of an active IPv6 lease.
7d1a109b85d13cc919ec2a0a19a4208fbf39f0a17356427358210e8f0749086eUbuntu Security Notice 1571-1 - Glen Eustace discovered that the DHCP server incorrectly handled IPv6 expiration times. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service. This issue only affected Ubuntu 11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by using environment variables. This update mitigates the issue by sanitizing certain variables in the DHCP shell scripts. Various other issues were also addressed.
c4c7c28d14b2657f49ee99fc2da433cca3b1afc7e4b47a3a94a66f4de5caf944Mandriva Linux Security Advisory 2012-153 - ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. The updated packages have been patched to correct this issue.
ba57b92011c8559033d0963398a7fdaec3854b58757e441eb3b96fd232aeb3cbSlackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.
b786300c75cbab9d6cc18580e9be933d433110a6c529226c2fa13191cc6d8c5f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed