CVE-2011-4868

The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:N/I:N/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
iscdhcp
𝑥
≤ 4.2.3
iscdhcp
3.0
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:beta2
iscdhcp
3.0:rc1
iscdhcp
3.0:rc1
iscdhcp
3.0:rc10
iscdhcp
3.0:rc11
iscdhcp
3.0:rc12
iscdhcp
3.0:rc2
iscdhcp
3.0:rc2
iscdhcp
3.0:rc3
iscdhcp
3.0:rc4
iscdhcp
3.0:rc5
iscdhcp
3.0:rc6
iscdhcp
3.0:rc7
iscdhcp
3.0:rc8
iscdhcp
3.0:rc8
iscdhcp
3.0:rc9
iscdhcp
3.0.1
iscdhcp
3.0.1:rc1
iscdhcp
3.0.1:rc10
iscdhcp
3.0.1:rc11
iscdhcp
3.0.1:rc12
iscdhcp
3.0.1:rc13
iscdhcp
3.0.1:rc14
iscdhcp
3.0.1:rc2
iscdhcp
3.0.1:rc3
iscdhcp
3.0.1:rc4
iscdhcp
3.0.1:rc5
iscdhcp
3.0.1:rc6
iscdhcp
3.0.1:rc7
iscdhcp
3.0.1:rc8
iscdhcp
3.0.1:rc9
iscdhcp
3.0.2
iscdhcp
3.0.2:b1
iscdhcp
3.0.2:rc1
iscdhcp
3.0.2:rc2
iscdhcp
3.0.2:rc3
iscdhcp
3.0.3
iscdhcp
3.0.3:b1
iscdhcp
3.0.3:b2
iscdhcp
3.0.3:b3
iscdhcp
3.0.4
iscdhcp
3.0.4:b1
iscdhcp
3.0.4:b2
iscdhcp
3.0.4:b3
iscdhcp
3.0.4:rc1
iscdhcp
3.0.5
iscdhcp
3.0.5:rc1
iscdhcp
3.0.6:rc1
iscdhcp
3.1.0
iscdhcp
3.1.0:a1
iscdhcp
3.1.0:a2
iscdhcp
3.1.0:a3
iscdhcp
3.1.0:b1
iscdhcp
3.1.0:b2
iscdhcp
4.0.0
iscdhcp
4.0.0:a1
iscdhcp
4.0.0:a2
iscdhcp
4.0.0:a3
iscdhcp
4.0.0:b1
iscdhcp
4.0.0:b2
iscdhcp
4.0.0:b3
iscdhcp
4.1.0
iscdhcp
4.1.0:a1
iscdhcp
4.1.0:a2
iscdhcp
4.1.0:b1
iscdhcp
4.2.0
iscdhcp
4.2.0:a1
iscdhcp
4.2.0:a2
iscdhcp
4.2.0:b1
iscdhcp
4.2.0:b2
iscdhcp
4.2.0:rc1
iscdhcp
4.2.1
iscdhcp
4.2.1:b1
iscdhcp
4.2.1:rc1
iscdhcp
4.2.2
iscdhcp
4.2.2:b1
iscdhcp
4.2.2:rc1
iscdhcp
4.2.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
isc-dhcp
bullseye
4.4.1-2.3+deb11u2
fixed
squeeze
not-affected
bullseye (security)
4.4.1-2.3+deb11u1
fixed
bookworm
4.4.3-P1-2
fixed
sid
4.4.3-P1-5
fixed
trixie
4.4.3-P1-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
isc-dhcp
precise
not-affected
oneiric
not-affected
natty
not-affected
maverick
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://security.gentoo.org/glsa/glsa-201301-06.xml
https://deepthought.isc.org/article/AA-00595
https://kb.isc.org/article/AA-00705
https://www.isc.org/software/dhcp/advisories/cve-2011-4868
http://security.gentoo.org/glsa/glsa-201301-06.xml
https://deepthought.isc.org/article/AA-00595
https://kb.isc.org/article/AA-00705
https://www.isc.org/software/dhcp/advisories/cve-2011-4868