Vigil@nce: ISC DHCP, denials of service
June 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can generate two denials of service in ISC DHCP, in
order to stop it.
– Severity: 2/4
– Creation date: 06/06/2012
IMPACTED PRODUCTS
– ISC DHCP
DESCRIPTION OF THE VULNERABILITY
Two vulnerabilities were announced in ISC DHCP.
A NULL pointer can be dereferenced during the usage of a regular
expression. [severity:2/4; CVE-2011-4539]
An attacker can use a DDNS (Dynamic DNS) packet, in order to
dereference a NULL pointer. [severity:2/4; CVE-2011-4868]
An attacker can therefore generate two denials of service in ISC
DHCP, in order to stop it.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/ISC-DHCP-denials-of-service-11679