Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-4539

dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.

Related bugs and status

CVE-2011-4539 (Candidate) is related to these bugs:

Bug #937169: [FFe] Upgrading from 4.1.1 to 4.1-ESV-R4 (Extended Support Version)

Summary				In	Importance	Status
	937169	[FFe] Upgrading from 4.1.1 to 4.1-ESV-R4 (Extended Support Version)		isc-dhcp (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://www.isc.org/so...
MANDRIVA: MDVSA-2011:182
BID: 50971
SECTRACK: 1026393
SECUNIA: 47153
UBUNTU: USN-1309-1
FEDORA: FEDORA-2011-16981
SUSE: openSUSE-SU-2011:1318
SECUNIA: 47178
DEBIAN: DSA-2519
FEDORA: FEDORA-2011-16976
GENTOO: GLSA-201301-06
XF: isc-dhcp-dhcpd-regex-d...