ID CVE-2012-3955
Summary ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
References
Vulnerable Configurations
  • cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r4:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r5:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:r6:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.0:a1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.0:a2:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.0:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.2:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dhcp:4.1.2:rc1:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
CVSS
Base: 7.1 (as of 22-08-2013 - 03:57)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
redhat via4
advisories
bugzilla
id 856766
title CVE-2012-3955 dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment dhclient is earlier than 12:4.1.1-34.P1.el6
        oval oval:com.redhat.rhsa:tst:20130504011
      • comment dhclient is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100923008
    • AND
      • comment dhcp is earlier than 12:4.1.1-34.P1.el6
        oval oval:com.redhat.rhsa:tst:20130504005
      • comment dhcp is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100923006
    • AND
      • comment dhcp-common is earlier than 12:4.1.1-34.P1.el6
        oval oval:com.redhat.rhsa:tst:20130504009
      • comment dhcp-common is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20111819010
    • AND
      • comment dhcp-devel is earlier than 12:4.1.1-34.P1.el6
        oval oval:com.redhat.rhsa:tst:20130504007
      • comment dhcp-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100923010
rhsa
id RHSA-2013:0504
released 2013-02-21
severity Low
title RHSA-2013:0504: dhcp security and bug fix update (Low)
rpms
  • dhclient-12:4.1.1-34.P1.el6
  • dhcp-12:4.1.1-34.P1.el6
  • dhcp-common-12:4.1.1-34.P1.el6
  • dhcp-devel-12:4.1.1-34.P1.el6
refmap via4
bid 55530
confirm
debian DSA-2551
fedora
  • FEDORA-2012-13910
  • FEDORA-2012-14076
  • FEDORA-2012-14149
gentoo GLSA-201301-06
mandriva MDVSA-2012:153
sectrack 1027528
secunia 51318
suse
  • openSUSE-SU-2012:1234
  • openSUSE-SU-2012:1252
  • openSUSE-SU-2012:1254
ubuntu USN-1571-1
Last major update 22-08-2013 - 03:57
Published 14-09-2012 - 10:33
Last modified 08-01-2020 - 17:16