Netgate Discussion Forum

    ISC DHCP DoS vulnerability

      dhatz

      Please take note of this recently announced denial-of-service vulnerability of ISC dhcpd (pfSense runs v4.2.1-p1)

      http://www.isc.org/software/dhcp/advisories/cve-2011-2748

      ISC DHCP Server Halt
      Two issues have been found in DHCP that could allow an attacker to cause the server to halt.
      CVE: CVE-2011-2748
      Document Version:  1.1
      Posting date: 10 Aug 2011
      Program Impacted: DHCP
      Versions affected:
      3.1.0 through 3.1-ESV-R1 (R2 never released)
      4.0 all versions (EOL)
      4.1.0 through 4.1.2rc1
      4.1-ESV through 4.1-ESV-R3b1
      4.2.0 through 4.2.2rc1
      All End-of-Life versions of DHCP server are likely to be affected and ISC recommends upgrading to supported versions.
      Severity:  High
      Exploitable:  Remotely
      Description:
      A pair of defects cause the server to halt upon processing certain packets. The patch is to properly discard or process those packets.

      Document ID: CVE-2011-2748, CVE-2011-2749

      CVSS Score: 7.8

      CVSS Equation: (AV:N/AC:L/Au:N/C:N/I:N/A:C)

      For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit: http://nvd.nist.gov/cvww.cfm?calculator&adv&version=vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)

      Workarounds:
      Limiting DHCP and Bootp packets to only within your administrative domain will limit exposure.

      Active exploits:
      ISC received a report for one of the flaws and discovered the other during testing. No public exploits using these bugs are known.
      Solution:
      Upgrade to: 3.1-ESV-R3, 4.1-ESV-R3 or 4.2.2

      Please note that this is the last update to 3.1-ESV as it will be End-of-Life after this release.

      Download these versions from https://www.isc.org/downloads/all

      Acknowledgment:
      Found by David Zych at University of Illinois

      Document Revision History

      1.0 27 July 2011 - Phase 1 disclosure

      1.1 09 August 2011 - Phase 2 and 3 disclosures

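
A version check against the "Versions affected" list in the advisory quoted above, as an added example that is not part of the original post or of ISC's advisory. The function names and the pre-release ordering (a < b < rc < final < -P) are assumptions, as is the reading that numeric 3.1.x releases all precede 3.1-ESV.

```python
import re

# Stage ordering within one release is an assumption based on ISC's usual
# naming: alpha < beta < release candidate < final < -P patch release.
_STAGE = {"a": 0, "b": 1, "rc": 2, None: 3, "p": 4}
_VER = re.compile(
    r"^v?(?P<br>\d+\.\d+)"
    r"(?:\.(?P<pt>\d+)|(?P<esv>-ESV(?:-R(?P<r>\d+))?))?"
    r"(?:-?(?P<st>a|b|rc|p)(?P<sn>\d+))?$",
    re.IGNORECASE,
)

# Inclusive (first, last) affected release per branch, copied from the
# "Versions affected" line of the advisory. None means open-ended.
# Assumption: numeric 3.1.x releases all precede 3.1-ESV.
AFFECTED = {
    "3.1": ("3.1.0", None),
    "3.1-ESV": ("3.1-ESV", "3.1-ESV-R1"),
    "4.0": (None, None),
    "4.1": ("4.1.0", "4.1.2rc1"),
    "4.1-ESV": ("4.1-ESV", "4.1-ESV-R3b1"),
    "4.2": ("4.2.0", "4.2.2rc1"),
}


def parse(version):
    """Return (branch, sort_key) for an ISC DHCP version string."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised ISC DHCP version: {version!r}")
    branch = m["br"] + ("-ESV" if m["esv"] else "")
    stage = m["st"].lower() if m["st"] else None
    return branch, (int(m["pt"] or m["r"] or 0), _STAGE[stage], int(m["sn"] or 0))


def is_affected(version):
    """True/False for branches the advisory lists, None for any other branch."""
    branch, key = parse(version)
    if branch not in AFFECTED:
        return None
    first, last = AFFECTED[branch]
    if first is not None and key < parse(first)[1]:
        return False
    return last is None or key <= parse(last)[1]
```

A `None` result means the branch is not named in the advisory's list; the advisory separately states that all End-of-Life versions are likely to be affected.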