News
Vigil@nce: ISC DHCP, denials of service
May 2008 by Vigil@nce
A network attacker can create three denials of service on ISC DHCP.
– Gravity: 2/4
– CVSS: 6.1/10
– Consequences: denial of service of service
– Provenance: intranet client
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 15/05/2008
– Identifier: VIGILANCE-VUL-7832
AFFECTED PRODUCTS
Unix - plateform [with ISC DHCP < 3.1.1]
Similar products or versions inferior to those indicated may also
be affected.
DESCRIPTION
The ISC DHCP server is impacted by three denials of service.
A memory leak occurs during OMAPI (Object Management Application
Programming Interface) usage. [grav:1/4]
In some configurations, an attacker can create a buffer overflow
leading to a denial of service. [grav:2/4]
On a server with other listening services, an attacker can create
a file descriptor leak. [grav:1/4]
CHARACTERISTICS
– Identifiers: VIGILANCE-VUL-7832
– CVSS score: 6.1/10
– Url: https://vigilance.aql.fr/tree/1/7832
