CVE-2015-8605

MEDIUM

ISC DHCP <4.1-ESV-R12-P1, 4.2.x, 4.3.x <4.3.3-P1 - DoS

Title source: llm

Description

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

References (12)

Scores

CVSS v3 6.5
EPSS 0.4344
EPSS Percentile 97.5%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-20
Status draft

Affected Products (50)

sophos/unified_threat_management_up2date < 9.318
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
isc/dhcp
... and 35 more

Timeline

Published Jan 14, 2016
Tracked Since Feb 18, 2026