Isc Dhcp vulnerabilities

CVE-2010-3611 [MEDIUM] CVE-2010-3611: ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field.

CVE-2010-2156 [MEDIUM] CWE-189 CVE-2010-2156: ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of se ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.

CVE-2009-1893 [MEDIUM] CWE-59 CVE-2009-1893: The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.

CVE-2009-1892 [MEDIUM] CWE-16 CVE-2009-1892: dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configurati dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.

CVE-2009-0692 [CRITICAL] CWE-119 CVE-2009-0692: Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhcli Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.