Debian Security Advisory
DSA-2292-1 isc-dhcp -- denial of service
- Date Reported:
- 11 Aug 2011
- Affected Packages:
- isc-dhcp
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2011-2748, CVE-2011-2749.
- More information:
-
David Zych discovered that the ISC DHCP crashes when processing certain packets, leading to a denial of service.
For the oldstable distribution (lenny), this problem has been fixed in version 3.1.1-6+lenny6 of the dhcp3 package.
For the stable distribution (squeeze), this problem has been fixed in version 4.1.1-P1-15+squeeze3 of the isc-dhcp package.
For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your ISC DHCP packages.