Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3122

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3122
Last Modified 13 Jun 2011 12:00:00
Published 09 Aug 2006 06:04:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3122

Summary

The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."

Vulnerable Systems

Application

  • Isc Dhcpd 2.0pl5


References

DEBIAN - DSA-1143

SECUNIA - 21363

SECUNIA - 21345

VUPEN - ADV-2006-3158

BID - 19348

OPENBSD - [3.9] 20060825 006: SECURITY FIX: August 25, 2006

SECTRACK - 1016755

SECUNIA - 21655

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380273


Last Updated: 27 May 2016 10:42:54