GCVE - cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*

part: a version: 4.0.3 update: rc1

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Dhcp (`4e92e1a9-a8b0-5696-8d39-7119e87ecd86`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/dhcp`	purl2cpe	2026-06-01 10:15:10.728550

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2015-8605`	vulnerable	2026-06-08 05:07:04.474539	Details available ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. Published: 2016-01-14T22:00:00.000Z Updated: 2024-08-06T08:20:43.591Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1034657 http://lists.opensuse.org/opensuse-updates/2016-02/msg00168.html https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/ https://kb.isc.org/article/AA-01334 https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4539`	vulnerable	2026-06-08 04:59:31.780015	Details available dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. Published: 2011-12-08T11:00:00.000Z Updated: 2024-08-07T00:09:18.744Z Open on db.gcve.eu Reference links http://www.mandriva.com/security/advisories?name=MDVSA-2011:182 http://secunia.com/advisories/47153 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071549.html http://www.ubuntu.com/usn/USN-1309-1 http://lists.opensuse.org/opensuse-updates/2011-12/msg00006.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-2749`	vulnerable	2026-06-08 04:58:09.061837	Details available The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. Published: 2011-08-15T21:00:00.000Z Updated: 2024-08-06T23:08:23.964Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-1190-1 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065176.html http://secunia.com/advisories/45595 http://lists.opensuse.org/opensuse-updates/2011-09/msg00014.html http://www.debian.org/security/2011/dsa-2292	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-2748`	vulnerable	2026-06-08 04:58:09.047249	Details available The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. Published: 2011-08-15T21:00:00.000Z Updated: 2024-08-06T23:08:23.745Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-1190-1 http://redmine.pfsense.org/issues/1888 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065176.html http://secunia.com/advisories/45595 http://lists.opensuse.org/opensuse-updates/2011-09/msg00014.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-0413`	vulnerable	2026-06-08 04:56:36.944727	Details available The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. Published: 2011-01-31T20:00:00.000Z Updated: 2024-08-06T21:51:09.081Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2011/0266 http://secunia.com/advisories/43006 http://www.vupen.com/english/advisories/2011/0235 http://secunia.com/advisories/43354 https://exchange.xforce.ibmcloud.com/vulnerabilities/64959	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.