dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Dhcp | Isc | 3.0.4 (including) | 3.0.4 (including) |
| Dhcp | Isc | 3.0.4_b1 (including) | 3.0.4_b1 (including) |
| Dhcp | Isc | 3.0.4_b2 (including) | 3.0.4_b2 (including) |
| Dhcp | Isc | 3.0.4_b3 (including) | 3.0.4_b3 (including) |
| Dhcp | Isc | 3.1.1 (including) | 3.1.1 (including) |
| Dhcp3 | Ubuntu | dapper | * |
| Dhcp3 | Ubuntu | intrepid | * |
| Dhcp3 | Ubuntu | jaunty | * |
| Dhcp3 | Ubuntu | karmic | * |
| Dhcp3 | Ubuntu | upstream | * |
References
- http://secunia.com/advisories/35830
- http://secunia.com/advisories/35851
- http://secunia.com/advisories/36457
- http://secunia.com/advisories/37342
- http://www.debian.org/security/2009/dsa-1833
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:154
- http://www.securityfocus.com/bid/35669
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51717
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.html
- https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00340.html
- http://secunia.com/advisories/35830
- http://secunia.com/advisories/35851
- http://secunia.com/advisories/36457
- http://secunia.com/advisories/37342
- http://www.debian.org/security/2009/dsa-1833
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:154
- http://www.securityfocus.com/bid/35669
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51717
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.html
- https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00340.html