CVE-2009-1892

Published Jul 17, 2009

Last updated 7 years ago

Overview

Description: dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-16

Vendor comments

Red HatNot vulnerable. Red Hat Enterprise Linux 3, 4, and 5 provide earlier versions of ISC DHCP which are not vulnerable to this issue.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:isc:dhcp:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1269D9FF-C497-4FA5-90DA-302A9FC1EB75"
          },
          {
            "criteria": "cpe:2.3:a:isc:dhcp:3.0.4_b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34BCCA79-76A8-494A-94CA-BB8FA11891DA"
          },
          {
            "criteria": "cpe:2.3:a:isc:dhcp:3.0.4_b2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5442D329-81D5-4891-A063-FC6A07D7E1FA"
          },
          {
            "criteria": "cpe:2.3:a:isc:dhcp:3.0.4_b3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14F64C1F-92E7-4190-9472-046F34C28539"
          },
          {
            "criteria": "cpe:2.3:a:isc:dhcp:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22D732C6-F89B-4FCA-A949-3F67B4E7A7F2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Vendor comments

Configurations

References