Vulnerability Note VU#159528
ISC DHCP server vulnerability
Overview
The ISC DHCP server contains a vulnerability that could allow a remote attacker to cause a denial of service.
Description
According to ISC: If a TCP connection is established to the server on a port which has been configured for communication with a failover peer, this can cause it to become non-responsive to all normal DHCP protocol traffic. The server will progress to a communications-interrupted state - but in addition will also cease to provide DHCP services to clients. The server must be restarted to resume normal operation. |
Impact
An unauthenticated remote attacker could cause the server to become unresponsive to all normal DHCP protocol traffic, thereby creating a denial of service. |
Solution
Apply an update |
Vendor Information (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Internet Systems Consortium - DHCP | Affected | - | 13 Dec 2010 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
Credit
Thanks to Internet Systems Consortium for reporting this vulnerability.
This document was written by Michael Orlando.
Other Information
- CVE IDs: CVE-2010-3616
- Date Public: 13 Dec 2010
- Date First Published: 13 Dec 2010
- Date Last Updated: 13 Dec 2010
- Severity Metric: 11.81
- Document Revision: 9
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.