Question 1

What is CVE-2011-2748?

Accepted Answer

CVE-2011-2748 is a high-severity software vulnerability (Improper input validation) with a CVSS score of 7.8. The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

Question 2

Is CVE-2011-2748 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 39%.

Question 3

What products does CVE-2011-2748 affect?

Accepted Answer

Tracked products affected include Ubuntu, ISC DHCP. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2011-2748?

Accepted Answer

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2011-2748

Summary

Impact & exploitability

Affected products we track (2)

Recommendation

Additional information