CVE-2011-4868
ISC DHCP < 4.2.3-P2 - Denial of Service via DHCPv6 Lease Status Update
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
References (4)
Core References
Various Sources (x_refsource_confirm): https://kb.isc.org/article/AA-00705
Various Sources (x_refsource_confirm): https://deepthought.isc.org/article/AA-00595
Third Party Advisory (vendor-advisory, x_refsource_gentoo): http://security.gentoo.org/glsa/glsa-201301-06.xml
Vendor Advisory (x_refsource_confirm): https://www.isc.org/software/dhcp/advisories/cve-2011-4868
Scores
EPSS: 0.0085
EPSS Percentile: 75.0%
Details
CWE: CWE-399
Status: published
Products (2):
isc/dhcp 3.0 (39 CPE variants)
isc/dhcp 3.0.1 (11 CPE variants)
Published: Jan 15, 2012
Tracked Since: Feb 18, 2026