CVE-2011-2748

Опубликовано: 15 авг. 2011

Источник: nvd

CVSS2: 7.8

EPSS Высокий

Описание

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

Ссылки

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065176.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2011-09/msg00014.html
Mailing List
Third Party Advisory
http://redmine.pfsense.org/issues/1888
Third Party Advisory
http://secunia.com/advisories/45582
Third Party Advisory
http://secunia.com/advisories/45595
Third Party Advisory
http://secunia.com/advisories/45629
Third Party Advisory
http://secunia.com/advisories/45639
Third Party Advisory
http://secunia.com/advisories/45817
Third Party Advisory
http://secunia.com/advisories/45918
Third Party Advisory
http://secunia.com/advisories/46780
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201301-06.xml
Third Party Advisory
http://securitytracker.com/id?1025918
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2292
Third Party Advisory
http://www.isc.org/files/release-notes/DHCP%203.1-ESV-R3_0.html
Vendor Advisory
http://www.isc.org/files/release-notes/DHCP%204.1-ESV-R3.html
Vendor Advisory
http://www.isc.org/files/release-notes/DHCP%204.2.2_0.html
Vendor Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-2748
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:128
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1160.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:isc:dhcp:3.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc10:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc11:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc12:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc13:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc14:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc5:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc6:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc7:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc8:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.1:rc9:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.2:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.2:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.2:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.2:rc3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.3:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.3:b2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.3:b3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.4:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.4:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.4:b2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.4:b3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.4:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.5:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.5:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.0.6:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1-esv:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:a1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:a2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:a3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:b2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.1:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.2:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.2:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.3:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.3:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:3.1.3:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0-esv:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.1:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.2:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.2:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.2:b2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.2:b3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.3:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.3:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.1:b1:*:*:*:*:*:*

cpe:2.3:a:isc:dhcp:4.2.1:rc1:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.87881

Высокий

7.8 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2011-2748

ubuntu

почти 14 лет назад

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

CVE-2011-2748

redhat

почти 14 лет назад

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

CVE-2011-2748

debian

почти 14 лет назад

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ES ...

GHSA-xm4m-62pf-w44f

github

около 3 лет назад

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

ELSA-2011-1160

oracle-oval

почти 14 лет назад

ELSA-2011-1160: dhcp security update (MODERATE)

EPSS

Процентиль: 99%

0.87881

Высокий

7.8 High

CVSS2

Дефекты

CWE-20