CVE-2012-3955

9 documents8 sources

Severity

7.1HIGH

EPSS

12.1%

top 6.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux Debian Debian Linux ISC Dhcp

Timeline

PublishedSep 14

Latest updateMay 13

Description

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages2 packages

▶Debianisc-dhcp< 4.2.4-2+2

▶NVDisc/dhcp4 versions+3

Also affects: Debian Linux 6.0, 7.0, Ubuntu Linux 10.04, 11.04, 11.10, 12.04

🔴Vulnerability Details

GHSA

GHSA-6xcv-87wr-7rfm: ISC DHCP 4↗2022-05-13

▶

CVEList

CVE-2012-3955: ISC DHCP 4↗2012-09-14

▶

OSV

CVE-2012-3955: ISC DHCP 4↗2012-09-14

▶

📋Vendor Advisories

Ubuntu

DHCP vulnerability↗2012-09-18

▶

Red Hat

dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash↗2012-09-12

▶

Debian

CVE-2012-3955: isc-dhcp - ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attacke...↗2012

▶

💬Community

Bugzilla

CVE-2012-3955 dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash↗2012-09-12

▶

Bugzilla

CVE-2012-3955 dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash [fedora-all]↗2012-09-12

▶