
SANS ISC: ISC DHCP DHCPv6 Vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums


ISC DHCP DHCPv6 Vulnerability

The Internet Systems Consortium, the makers of the open source DHCP server, indicated that the DHCPv6 service may crash after processing a DHCPv6 decline message. This vulnerability has been assigned CVE-2011-0413; it affects versions 4.0.x-4.2.x and may be remotely exploitable.

Note: This DoS only affects DHCPv6 servers and there is currently no workaround.
 

[1] https://lists.isc.org/pipermail/isc-os-security/2011-January/000000.html

[2] http://www.kb.cert.org/vuls/id/686084

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
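
With no workaround available, one way to see which hosts are sending Decline messages to a DHCPv6 server until it is patched is to classify the UDP payloads arriving on port 547. The following is an added example, not code from the diary or from ISC; the message-type and option numbers come from RFC 3315, packet capture is assumed to happen elsewhere, and the function names and sample payloads are constructed for illustration. It is a triage aid only, since the diary gives no packet-level detail that would make it a signature for CVE-2011-0413.

```python
import struct

# Values from RFC 3315, not from the diary.
DECLINE, RELAY_FORW, RELAY_REPL = 9, 12, 13
OPTION_RELAY_MSG = 9
RELAY_HDR_LEN = 34    # msg-type, hop-count, link-address, peer-address
MAX_RELAY_DEPTH = 32  # HOP_COUNT_LIMIT

def iter_options(buf):
    """Yield (code, value) per TLV option; stop quietly on truncation."""
    off = 0
    while off + 4 <= len(buf):
        code, length = struct.unpack_from("!HH", buf, off)
        off += 4
        if off + length > len(buf):
            return
        yield code, buf[off:off + length]
        off += length

def innermost_msg_type(payload, depth=0):
    """Client message type after unwrapping relay layers, or None if malformed."""
    if len(payload) < 4 or depth > MAX_RELAY_DEPTH:
        return None
    if payload[0] not in (RELAY_FORW, RELAY_REPL):
        return payload[0]
    if len(payload) < RELAY_HDR_LEN:
        return None
    for code, value in iter_options(payload[RELAY_HDR_LEN:]):
        if code == OPTION_RELAY_MSG:
            return innermost_msg_type(value, depth + 1)
    return None

def count_declines_by_source(packets):
    """packets: iterable of (source_address, udp_payload) sent to port 547."""
    counts = {}
    for src, payload in packets:
        if innermost_msg_type(payload) == DECLINE:
            counts[src] = counts.get(src, 0) + 1
    return counts

# Constructed sample payloads (message headers only, not a real capture).
SOLICIT_MSG = bytes([1]) + b"\xaa\xbb\xcc"
DECLINE_MSG = bytes([DECLINE]) + b"\x01\x02\x03"
RELAYED_MSG = (bytes([RELAY_FORW, 0]) + bytes(32)
               + struct.pack("!HH", OPTION_RELAY_MSG, len(DECLINE_MSG)) + DECLINE_MSG)
SAMPLE = [("fe80::1", SOLICIT_MSG), ("fe80::2", DECLINE_MSG),
          ("fe80::3", RELAYED_MSG), ("fe80::2", DECLINE_MSG), ("fe80::4", b"\x09")]

if __name__ == "__main__":
    print(count_declines_by_source(SAMPLE))
```

Decline is a normal part of DHCPv6 address conflict handling, so the counts are only meaningful against a baseline for the network.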

Another reason to get DNS server information added to IPv6 router advertisements, and make DHCP obsolete in IPv6.
oleksiy
- http://www.securitytracker.com/id/1024999
Jan 28 2011 - "... Solution: The vendor has issued a fix (4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1).
The vendor's advisory is available at:
Vendor URL: www.isc.org/software/dhcp/advisories/cve-2011-0413
"... Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1..."
Jack