CVE-2010-2156
MEDIUM severity · CVSS 5 · CWE-189
5CVSS MEDIUM
Summary
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impactNone
Integrity impactNone
Availability impact—
Exploit probability (EPSS)76%
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://ftp.isc.org/isc/dhcp/dhcp-4.0.2-P1-RELNOTES
- http://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1-RELNOTES
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042843.html
- http://secunia.com/advisories/40116
- http://www.exploit-db.com/exploits/14185
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:114
- http://www.securityfocus.com/bid/40775
- http://www.securitytracker.com/id?1024093