[pkg-dhcp-devel] Bug#652259: [CVE-2011-4539] DoS with regular expressions in dhcpd.conf
fw at deneb.enyo.de
Thu Dec 15 18:27:14 UTC 2011
Tags: security upstream fixed-upstream
A security bug in dhcpd has been disclosed:
| dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4
| does not properly handle regular expressions in dhcpd.conf, which
| allows remote attackers to cause a denial of service (daemon crash)
| via a crafted request packet.
I'm not sure if this warrants a DSA on its own.
More information about the pkg-dhcp-devel