ISC DHCP: Denial of service — GLSA 201301-06

Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service.

Affected packages

Background

ISC DHCP is a Dynamic Host Configuration Protocol (DHCP) client/server.

Description

Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details.

Impact

The vulnerabilities might allow remote attackers to execute arbitrary code or cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.2.4_p2"
 

References

• CVE-2011-0997
• CVE-2011-2748
• CVE-2011-2749
• CVE-2011-4539
• CVE-2011-4868
• CVE-2012-3570
• CVE-2012-3571
• CVE-2012-3954
• CVE-2012-3955

Release date
January 09, 2013

Latest revision
January 09, 2013: 1

Severity
normal

Exploitable
remote

Bugzilla entries

• 362453
• 378799
• 393617
• 398763
• 428120
• 434880