ISC DHCP 4.2.1 Release Candidate 1
Approved changes feed: RSS · Atom
cpe:2.3:a:isc:dhcp:4.2.1:rc1:*:*:*:*:*:*
part: a version: 4.2.1 update: rc1
| Vendor | Isc (4a2f2b37-98b6-5702-822d-72afcd17d050) |
|---|---|
| Product | Dhcp (4e92e1a9-a8b0-5696-8d39-7119e87ecd86) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/isc-projects/dhcp |
purl2cpe | 2026-06-01 10:15:10.728673 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-2774 |
vulnerable | 2026-06-08 05:07:42.818617 |
Details available
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
Published: 2016-03-09T15:26:00.000Z
Updated: 2024-08-05T23:32:20.980Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8605 |
vulnerable | 2026-06-08 05:07:04.495775 |
Details available
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
Published: 2016-01-14T22:00:00.000Z
Updated: 2024-08-06T08:20:43.591Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-2494 |
vulnerable | 2026-06-08 05:04:26.623721 |
Details available
libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266.
Published: 2013-03-28T16:00:00.000Z
Updated: 2024-09-16T19:52:30.979Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-3954 |
vulnerable | 2026-06-08 05:02:14.548864 |
Details available
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
Published: 2012-07-25T10:00:00.000Z
Updated: 2024-08-06T20:21:04.079Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-3571 |
vulnerable | 2026-06-08 05:02:10.925972 |
Details available
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
Published: 2012-07-25T10:00:00.000Z
Updated: 2024-08-06T20:13:51.326Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-3570 |
vulnerable | 2026-06-08 05:02:10.918305 |
Details available
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
Published: 2012-07-25T10:00:00.000Z
Updated: 2024-08-06T20:13:50.567Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4868 |
vulnerable | 2026-06-08 04:59:33.389330 |
Details available
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
Published: 2012-01-15T02:00:00.000Z
Updated: 2024-08-07T00:16:35.122Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4539 |
vulnerable | 2026-06-08 04:59:31.787652 |
Details available
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
Published: 2011-12-08T11:00:00.000Z
Updated: 2024-08-07T00:09:18.744Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2749 |
vulnerable | 2026-06-08 04:58:09.062208 |
Details available
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
Published: 2011-08-15T21:00:00.000Z
Updated: 2024-08-06T23:08:23.964Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2748 |
vulnerable | 2026-06-08 04:58:09.059497 |
Details available
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
Published: 2011-08-15T21:00:00.000Z
Updated: 2024-08-06T23:08:23.745Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-0997 |
vulnerable | 2026-06-08 04:56:40.560107 |
Details available
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Published: 2011-04-08T15:00:00.000Z
Updated: 2024-08-06T22:14:27.265Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.