CVE-2012-3570

EUVD-2012-3517
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.7 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
iscdhcp
4.2.0
iscdhcp
4.2.0:a1
iscdhcp
4.2.0:a2
iscdhcp
4.2.0:b1
iscdhcp
4.2.0:b2
iscdhcp
4.2.0:p1
iscdhcp
4.2.0:rc1
iscdhcp
4.2.1
iscdhcp
4.2.1:b1
iscdhcp
4.2.1:rc1
iscdhcp
4.2.2
iscdhcp
4.2.2:b1
iscdhcp
4.2.2:rc1
iscdhcp
4.2.3
iscdhcp
4.2.3:p1
iscdhcp
4.2.3:p2
iscdhcp
4.2.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
isc-dhcp
bookworm
4.4.3-P1-2
fixed
bullseye
4.4.1-2.3+deb11u2
fixed
bullseye (security)
4.4.1-2.3+deb11u1
fixed
sid
4.4.3-P1-5
fixed
squeeze
not-affected
trixie
4.4.3-P1-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dhcp3
hardy
not-affected
lucid
not-affected
natty
dne
oneiric
dne
precise
dne
isc-dhcp
hardy
dne
lucid
dne
natty
not-affected
oneiric
not-affected
precise
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html
http://security.gentoo.org/glsa/glsa-201301-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:115
http://www.securityfocus.com/bid/54665
https://kb.isc.org/article/AA-00714
http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html
http://security.gentoo.org/glsa/glsa-201301-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:115
http://www.securityfocus.com/bid/54665
https://kb.isc.org/article/AA-00714