[pkg-dhcp-devel] Bug#655746: CVE-2011-4868: dhcpd crashes in certain IPv6 configurations
Florian Weimer
fw at deneb.enyo.de
Fri Jan 13 19:34:29 UTC 2012
Package: isc-dhcp
Version: 4.2.2-2
Tags: security
ISC has disclosed a security vulnerability in dhcpd:
| Due to improper handling of a DHCPv6 lease structure, ISC DHCP
| servers that are serving IPv6 address pools AND using Dynamic DNS
| can encounter a segmentation fault error while updating lease status
| under certain conditions. The potential exists for this condition to
| be intentionally triggered, resulting in effective denial of service
| to clients expecting service from the affected server.
<http://www.isc.org/software/dhcp/advisories/cve-2011-4868>
This seems of low impact. According to ISC, the squeeze version
should not be affected, so no action seems required for
stable-security.
More information about the pkg-dhcp-devel
mailing list