Skip to main content

Dhcp CVE-2012-3571

MEDIUM
Buffer Overflow (CWE-119)
2012-07-25 cve@mitre.org
6.1
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:A/AC:L/Au:N/C:N/I:N/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:A/AC:L/Au:N/C:N/I:N/A:C
Attack Vector
Adjacent
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
C

Lifecycle Timeline

1
CVE Published
Jul 25, 2012 - 10:42 cve.org
MEDIUM 6.1

DescriptionCVE.org

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

AnalysisAI

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 20.6%.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. Affected products include: Isc Dhcp, Canonical Ubuntu Linux, Debian Debian Linux. Version information: through 4.2.4.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

More in Dhcp

View all
CVE-2016-2774 MEDIUM
5.9 Mar 09

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessio

CVE-2015-8605 MEDIUM
6.5 Jan 14

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of servic

CVE-2021-25217 HIGH POC
7.4 May 26

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x

CVE-2012-3955 HIGH
7.1 Sep 14

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon

CVE-2025-33050 HIGH
7.5 Jun 10

Protection mechanism failure in Windows DHCP Server that enables network-based denial-of-service attacks without requiri

CVE-2025-32725 HIGH
7.5 Jun 10

Network-accessible denial-of-service vulnerability in Windows DHCP Server caused by a protection mechanism failure (CWE-

CVE-2022-2929 MEDIUM
6.5 Oct 07

In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP pack

CVE-2022-2928 MEDIUM
6.5 Oct 07

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called

CVE-2012-3570 MEDIUM
5.7 Jul 25

Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denia

CVE-2013-2494 MEDIUM
4.9 Mar 28

libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) vi

CVE-2012-3954 LOW
3.3 Jul 25

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers t

Share

CVE-2012-3571 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy