CVE 2011-2749
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
Related bugs and status
CVE-2011-2749 (Candidate) is related to these bugs:
Bug #341817: dhcpd wont start due to rndc.key permissions
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 341817 | dhcpd wont start due to rndc.key permissions | isc-dhcp (Ubuntu) | Wishlist | Fix Released | ||
Bug #616809: ifupdown: dhcp behaviour does not comply with RFC 3442
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 616809 | ifupdown: dhcp behaviour does not comply with RFC 3442 | isc-dhcp (Ubuntu) | Medium | Fix Released | ||
| 616809 | ifupdown: dhcp behaviour does not comply with RFC 3442 | isc-dhcp (Debian) | Unknown | Fix Released | ||
Bug #727837: dhcp3-server fails to drop privileges properly
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 727837 | dhcp3-server fails to drop privileges properly | isc-dhcp (Ubuntu) | Undecided | Fix Released | ||
| 727837 | dhcp3-server fails to drop privileges properly | isc-dhcp (Ubuntu Natty) | Undecided | Won't Fix | ||
| 727837 | dhcp3-server fails to drop privileges properly | dhcp3 (Ubuntu) | Undecided | Won't Fix | ||
| 727837 | dhcp3-server fails to drop privileges properly | dhcp3 (Ubuntu Hardy) | Undecided | Won't Fix | ||
| 727837 | dhcp3-server fails to drop privileges properly | dhcp3 (Ubuntu Lucid) | Undecided | Won't Fix | ||
| 727837 | dhcp3-server fails to drop privileges properly | isc-dhcp (Ubuntu Oneiric) | Undecided | Won't Fix | ||
| 727837 | dhcp3-server fails to drop privileges properly | isc-dhcp (Ubuntu Precise) | Medium | Fix Released | ||
| 727837 | dhcp3-server fails to drop privileges properly | isc-dhcp (Ubuntu Quantal) | Undecided | Fix Released | ||
Bug #768171: /sbin/dhclient3 remains after all dhcp3 packages purged
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 768171 | /sbin/dhclient3 remains after all dhcp3 packages purged | isc-dhcp (Ubuntu) | Undecided | Fix Released | ||
| 768171 | /sbin/dhclient3 remains after all dhcp3 packages purged | ifupdown (Ubuntu) | Undecided | Invalid | ||
| 768171 | /sbin/dhclient3 remains after all dhcp3 packages purged | isc-dhcp (Debian) | Unknown | Fix Released | ||
Bug #841182: rfc3442-classless-routes does not support gateway of 0.0.0.0
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 841182 | rfc3442-classless-routes does not support gateway of 0.0.0.0 | isc-dhcp (Ubuntu) | Undecided | Fix Released | ||
| 841182 | rfc3442-classless-routes does not support gateway of 0.0.0.0 | DHCP | Unknown | Fix Released | ||
Bug #872929: IPv6 getting DNS server from stateless DHCP is broken
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 872929 | IPv6 getting DNS server from stateless DHCP is broken | isc-dhcp (Ubuntu) | Undecided | Fix Released | ||
Bug #881558: Regression in test logic for MTU 576 in /sbin/dhclient-script
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 881558 | Regression in test logic for MTU 576 in /sbin/dhclient-script | isc-dhcp (Ubuntu) | Undecided | Fix Released | ||
Bug #991360: isc-dhcp-client does not send hostnames in DHCPv6 by default
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 991360 | isc-dhcp-client does not send hostnames in DHCPv6 by default | isc-dhcp (Ubuntu) | Low | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
