ISC DHCP Multiple Denial of Service Vulnerabilities
ISC DHCP before versions DHCP 4.1-ESV-R6 or DHCP 4.2.4-P1
ISC DHCP is prone to multiple denial-of-service vulnerabilities.
Multiple vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An error when handling client identifiers can be exploited to trigger an endless loop and prevent the server from processing further client requests via a specially crafted packet.
2) An error when handling client identifiers when running in DHCPv6 mode can be exploited to cause a buffer overflow and crash the server via a specially crafted packet.
3) Two memory leak errors exist when processing messages and can be exploited to consume all memory and prevent the server from processing further requests by sending multiple requests to the server.
An attacker can exploit these issues to cause the affected application to crash, resulting in a denial-of-service condition.
The vendor has issued a fix (Update to version 4.1-ESV-R6 or 4.2.4-P1). ).