FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

isc-dhcp-server -- DHCPv6 crash

Affected packages
isc-dhcp41-server <= 4.1.2,1

Details

VuXML ID dc9f8335-2b3b-11e0-a91b-00e0815b8da8
Discovery 2011-01-26
Entry 2011-01-28

ISC reports:

When the DHCPv6 server code processes a message for an address that was previously declined and internally tagged as abandoned it can trigger an assert failure resulting in the server crashing. This could be used to crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers. DHCPv4 servers are unaffected.

References

CVE Name CVE-2011-0413
URL http://www.isc.org/software/dhcp/advisories/cve-2011-0413
URL http://www.kb.cert.org/vuls/id/686084