cbcvebase.
CVE-2011-2748
published 2011-08-15

Priority: P3 · 50 · high · 7.8 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS: 38.77% (98.4th percentile)
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debiandebian_linux
debiandebian_linux
debianisc-dhcp< isc-dhcp 4.2.2-1 (bookworm)isc-dhcp 4.2.2-1 (bookworm)
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp
iscdhcp

Detection & IOCs (extracted from sources)

  • The vulnerability is triggered by a crafted/malformed DHCP packet sent to the ISC DHCP server, causing daemon exit (DoS). Monitor for unexpected dhcpd process termination or crashes following receipt of malformed DHCP traffic.
  • The attack is remotely exploitable over the network against the DHCP server daemon (dhcpd). Any remote attacker able to send DHCP packets to the server can trigger the flaw.
  • Two related flaws (CVE-2011-2748 and CVE-2011-2749) affect the same ISC DHCP server codebase and can both be used to halt the daemon via crafted packets. Detection logic should cover both CVEs together.
  • Affected versions are ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3. Fixed versions are 3.1-ESV-R3, 4.1-ESV-R3, and 4.2.2.

CVSS provenance

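| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| osv | | 7.8 | HIGH | |
| vendor_debian | | 7.8 | HIGH | |
| vendor_redhat | | 7.8 | HIGH | |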