Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-2156

CWE-1899 documents8 sources
Severity
5.0MEDIUM
EPSS
86.8%
top 0.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ISC Dhcp
Timeline
PublishedJun 7
Latest updateMay 17

Description

ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

โ–ถDebianisc-dhcp< 4.1.1-P1-1+2
โ–ถNVDisc/dhcp5 versions+4

๐Ÿ”ดVulnerability Details

3
GHSA
GHSA-rrx5-gxgm-9hrg: ISC DHCP 4โ†—2022-05-17
โ–ถ
OSV
CVE-2010-2156: ISC DHCP 4โ†—2010-06-07
โ–ถ
CVEList
CVE-2010-2156: ISC DHCP 4โ†—2010-06-07
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Exploit-DB
ISC DHCPD - Denial of Serviceโ†—2010-07-03
โ–ถ

๐Ÿ“‹Vendor Advisories

2
Red Hat
dhcp: remote DoS via zero-length client IDโ†—2010-06-01
โ–ถ
Debian
CVE-2010-2156: isc-dhcp - ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to ...โ†—2010
โ–ถ

๐Ÿ’ฌCommunity

2
Bugzilla
CVE-2010-2156 dhcp: remote DoS via zero-length client ID [fedora-all]โ†—2010-06-07
โ–ถ
Bugzilla
CVE-2010-2156 dhcp: remote DoS via zero-length client IDโ†—2010-06-07
โ–ถ
CVE-2010-2156 (MEDIUM CVSS 5) | ISC DHCP 4.1 before 4.1.1-P1 and 4. | cvebase.io