Skip to main content

Dhcp CVE-2012-3954

LOW
Resource Management Errors (CWE-399)
2012-07-25 cve@mitre.org
3.3
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:A/AC:L/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:A/AC:L/Au:N/C:N/I:N/A:P
Attack Vector
Adjacent
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jul 25, 2012 - 10:42 cve.org
LOW 3.3

DescriptionCVE.org

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.

AnalysisAI

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-399. Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. Affected products include: Isc Dhcp, Debian Debian Linux, Canonical Ubuntu Linux. Version information: before 4.2.4.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Dhcp

View all
CVE-2016-2774 MEDIUM
5.9 Mar 09

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessio

CVE-2015-8605 MEDIUM
6.5 Jan 14

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of servic

CVE-2012-3571 MEDIUM POC
6.1 Jul 25

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinit

CVE-2021-25217 HIGH POC
7.4 May 26

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x

CVE-2012-3955 HIGH
7.1 Sep 14

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon

CVE-2025-33050 HIGH
7.5 Jun 10

Protection mechanism failure in Windows DHCP Server that enables network-based denial-of-service attacks without requiri

CVE-2025-32725 HIGH
7.5 Jun 10

Network-accessible denial-of-service vulnerability in Windows DHCP Server caused by a protection mechanism failure (CWE-

CVE-2022-2929 MEDIUM
6.5 Oct 07

In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP pack

CVE-2022-2928 MEDIUM
6.5 Oct 07

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called

CVE-2012-3570 MEDIUM
5.7 Jul 25

Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denia

CVE-2013-2494 MEDIUM
4.9 Mar 28

libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) vi

Share

CVE-2012-3954 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy