CVE-2012-3571

ISC Dhcp - Memory Corruption

Title source: rule

Description

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Markus Hietava · pythondoslinux

https://www.exploit-db.com/exploits/37538

View Code ZIP pw:eip

References (13)

Core 13

Core References

Third Party Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Vendor Advisory x_refsource_confirm

https://kb.isc.org/article/AA-00712

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2012/dsa-2516

Third Party Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2012-1141.html

Third Party Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:116

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html

Third Party Advisory x_refsource_confirm

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

Third Party Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:115

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2012/dsa-2519

Third Party Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1519-1

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201301-06.xml

Third Party Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2012-1140.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/54665

Scores

EPSS 0.2055

EPSS Percentile 95.6%

Details

CWE

CWE-119

Status published

Products (12)

canonical/ubuntu_linux 11.04

canonical/ubuntu_linux 11.10

canonical/ubuntu_linux 12.04

debian/debian_linux 6.0

debian/debian_linux 7.0

isc/dhcp 4.1.2

isc/dhcp 4.2.0 (7 CPE variants)

isc/dhcp 4.2.1 (3 CPE variants)

isc/dhcp 4.2.2 (3 CPE variants)

isc/dhcp 4.2.3 (3 CPE variants)

... and 2 more

Published Jul 25, 2012

Tracked Since Feb 18, 2026