CVE-2011-0413
Published 2011-01-31
CVE-2011-0413: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause…
Priority: P3 · 44 · high
CVSS 2.0: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
EPSS: 32.75% (98.1th percentile)
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | isc-dhcp | < isc-dhcp 4.1.1-P1-16 (bookworm) | isc-dhcp 4.1.1-P1-16 (bookworm) |
| isc | dhcp | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| osv | — | 7.8 | HIGH | — |
| vendor_debian | — | 7.8 | HIGH | — |
| vendor_redhat | — | 7.8 | HIGH | — |
Red Hat
dhcp: unexpected abort caused by a DHCPv6 decline message
vendor_redhat · 2011-01-26 · CVSS 7.8 (HIGH)
Package: dhcp (Red Hat Enterprise Linux 4) - Not affected
Package: dhcp (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2011-0413: isc-dhcp - The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-E...
vendor_debian · 2011 · CVSS 7.8 (HIGH)
Scope: local
bookworm: resolved (fixed in 4.1.1-P1-16)
bullseye: resolved (fixed in 4.1.1-P1-16)
sid: resolved (fixed in 4.1.1-P1-16)
trixie: resolved (fixed in 4.1.1-P1-16)
GHSA
GHSA-4pw9-88hx-8fcw: The DHCPv6 server in ISC DHCP 4
ghsa_unreviewed · 2022-05-13 · HIGH · CWE-20
OSV
CVE-2011-0413: The DHCPv6 server in ISC DHCP 4
osv · 2011-01-31 · CVSS 7.8 (HIGH)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message [fedora-all]
bugzilla · 2011-01-26 · CVSS 7.8 (HIGH)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=672755
Please note: this issue affect
Bugzilla
CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message
bugzilla · 2011-01-26 · CVSS 7.8 (HIGH)
We've been notified by ISC about the upcoming security advisory for ISC DHCP. This issue affects DHCPv6 server:
When the DHCPv6 server code processes a message for an address that was
previously declined and internally tagged as abandoned it can trigger an
assert failure resulting in the server crashing. This could be used to
crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
DHCPv4 servers are unaffected.
Versions affected: 4.0.x-4.2.x
Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1
This also got US-CERT id VU#686084: http://www.kb.cert.org/vuls/id/686084
Acknowledgement:
Red Hat would like to thank Internet Systems Consortium for reporting this issue.
Discussion:
This is now public:
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
http://secunia.com/advisories/43006
http://secunia.com/advisories/43104
http://secunia.com/advisories/43167
http://secunia.com/advisories/43354
http://secunia.com/advisories/43613
http://securitytracker.com/id?1024999
http://www.debian.org/security/2011/dsa-2184
http://www.isc.org/software/dhcp/advisories/cve-2011-0413
http://www.kb.cert.org/vuls/id/686084
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
http://www.osvdb.org/70680
http://www.redhat.com/support/errata/RHSA-2011-0256.html
http://www.securityfocus.com/bid/46035
http://www.vupen.com/english/advisories/2011/0235
http://www.vupen.com/english/advisories/2011/0266
http://www.vupen.com/english/advisories/2011/0300
http://www.vupen.com/english/advisories/2011/0400
http://www.vupen.com/english/advisories/2011/0583
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
https://kb.isc.org/article/AA-00456