Vulnerability Description
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
CVSS Score
5.7 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ISC | DHCP | 4.2.0 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html
- http://security.gentoo.org/glsa/glsa-201301-06.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:115
- http://www.securityfocus.com/bid/54665
- https://kb.isc.org/article/AA-00714 (Vendor Advisory)
FAQ
What is CVE-2012-3570?
CVE-2012-3570 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifie...
How severe is CVE-2012-3570?
CVE-2012-3570 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-3570?
Check the references section above for vendor advisories and patch information. Affected products include: ISC DHCP.