CVE-2011-4539
Published: 8 December 2011
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
Notes
Author | Note |
---|---|
mdeslaur | doesn't affect v3.x |
Priority
Status
Package | Release | Status |
---|---|---|
dhcp3 Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
(code not present)
|
lucid |
Not vulnerable
(code not present)
|
|
maverick |
Not vulnerable
(code not present)
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
isc-dhcp Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Released
(4.1.1-P1-15ubuntu9.3)
|
|
oneiric |
Released
(4.1.1-P1-17ubuntu10.1)
|
|
upstream |
Released
(4.2.3-P1)
|