CVE-2011-0413

CWE-20 โ€” Improper Input Validation8 documents7 sources
Severity
7.8HIGH
EPSS
11.2%
top 6.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ISC Dhcp
Timeline
PublishedJan 31
Latest updateMay 13

Description

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

โ–ถDebianisc-dhcp< 4.1.1-P1-16+2
โ–ถNVDisc/dhcp11 versions+10

๐Ÿ”ดVulnerability Details

3
GHSA
GHSA-4pw9-88hx-8fcw: The DHCPv6 server in ISC DHCP 4โ†—2022-05-13
โ–ถ
OSV
CVE-2011-0413: The DHCPv6 server in ISC DHCP 4โ†—2011-01-31
โ–ถ
CVEList
CVE-2011-0413: The DHCPv6 server in ISC DHCP 4โ†—2011-01-31
โ–ถ

๐Ÿ“‹Vendor Advisories

2
Red Hat
dhcp: unexpected abort caused by a DHCPv6 decline messageโ†—2011-01-26
โ–ถ
Debian
CVE-2011-0413: isc-dhcp - The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-E...โ†—2011
โ–ถ

๐Ÿ’ฌCommunity

2
Bugzilla
CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message [fedora-all]โ†—2011-01-26
โ–ถ
Bugzilla
CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline messageโ†—2011-01-26
โ–ถ