CVE-2012-3955 - Vulnerability Details

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Isc	Dhcp
Redhat	Enterprise Linux

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
dhcp-12:4.1.1-34.P1.el6	cpe:/o:redhat:enterprise_linux:6	RHSA-2013:0504	2013-02-20T00:00:00Z

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html
http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html
http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html
http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html
http://rhn.redhat.com/errata/RHSA-2013-0504.html
http://secunia.com/advisories/51318
http://security.gentoo.org/glsa/glsa-201301-06.xml
http://www.debian.org/security/2012/dsa-2551
http://www.mandriva.com/security/advisories?name=MDVSA-2012:153
http://www.securityfocus.com/bid/55530
http://www.securitytracker.com/id?1027528
http://www.ubuntu.com/usn/USN-1571-1
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of
https://kb.isc.org/article/AA-00779
https://nvd.nist.gov/vuln/detail/CVE-2012-3955
https://www.cve.org/CVERecord?id=CVE-2012-3955

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-12T00:00:00", "descriptions": [{"lang": "en", "value": "ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-09-29T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FEDORA-2012-14149", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html"}, {"name": "openSUSE-SU-2012:1252", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html"}, {"name": "USN-1571-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1571-1"}, {"name": "openSUSE-SU-2012:1234", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html"}, {"name": "DSA-2551", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2551"}, {"name": "51318", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51318"}, {"name": "MDVSA-2012:153", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:153"}, {"name": "FEDORA-2012-13910", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html"}, {"name": "55530", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55530"}, {"name": "FEDORA-2012-14076", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html"}, {"name": "RHSA-2013:0504", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0504.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of"}, {"name": "openSUSE-SU-2012:1254", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html"}, {"name": "GLSA-201301-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201301-06.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/article/AA-00779"}, {"name": "1027528", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027528"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-3955", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2012-14149", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html"}, {"name": "openSUSE-SU-2012:1252", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html"}, {"name": "USN-1571-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1571-1"}, {"name": "openSUSE-SU-2012:1234", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html"}, {"name": "DSA-2551", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2551"}, {"name": "51318", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51318"}, {"name": "MDVSA-2012:153", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:153"}, {"name": "FEDORA-2012-13910", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html"}, {"name": "55530", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55530"}, {"name": "FEDORA-2012-14076", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html"}, {"name": "RHSA-2013:0504", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0504.html"}, {"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of", "refsource": "CONFIRM", "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of"}, {"name": "openSUSE-SU-2012:1254", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html"}, {"name": "GLSA-201301-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201301-06.xml"}, {"name": "https://kb.isc.org/article/AA-00779", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-00779"}, {"name": "1027528", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027528"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:21:04.060Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2012-14149", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html"}, {"name": "openSUSE-SU-2012:1252", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html"}, {"name": "USN-1571-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1571-1"}, {"name": "openSUSE-SU-2012:1234", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html"}, {"name": "DSA-2551", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2551"}, {"name": "51318", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51318"}, {"name": "MDVSA-2012:153", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:153"}, {"name": "FEDORA-2012-13910", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html"}, {"name": "55530", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/55530"}, {"name": "FEDORA-2012-14076", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html"}, {"name": "RHSA-2013:0504", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0504.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of"}, {"name": "openSUSE-SU-2012:1254", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html"}, {"name": "GLSA-201301-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201301-06.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/article/AA-00779"}, {"name": "1027528", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027528"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-3955", "datePublished": "2012-09-14T10:00:00", "dateReserved": "2012-07-11T00:00:00", "dateUpdated": "2024-08-06T20:21:04.060Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2012-09-12T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2012-09-29T09:00:00 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : FEDORA-2012-14149 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html (string)

}

1 : { »

name : openSUSE-SU-2012:1252 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html (string)

}

2 : { »

name : USN-1571-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : http://www.ubuntu.com/usn/USN-1571-1 (string)

}

3 : { »

name : openSUSE-SU-2012:1234 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html (string)

}

4 : { »

name : DSA-2551 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2012/dsa-2551 (string)

}

5 : { »

name : 51318 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/51318 (string)

}

6 : { »

name : MDVSA-2012:153 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 (string)

}

7 : { »

name : FEDORA-2012-13910 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html (string)

}

8 : { »

name : 55530 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/55530 (string)

}

9 : { »

name : FEDORA-2012-14076 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html (string)

}

10 : { »

name : RHSA-2013:0504 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2013-0504.html (string)

}

11 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of (string)

}

12 : { »

name : openSUSE-SU-2012:1254 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html (string)

}

13 : { »

name : GLSA-201301-06 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : http://security.gentoo.org/glsa/glsa-201301-06.xml (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://kb.isc.org/article/AA-00779 (string)

}

15 : { »

name : 1027528 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1027528 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2012-3955 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : FEDORA-2012-14149 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html (string)

}

1 : { »

name : openSUSE-SU-2012:1252 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html (string)

}

2 : { »

name : USN-1571-1 (string)

refsource : UBUNTU (string)

url : http://www.ubuntu.com/usn/USN-1571-1 (string)

}

3 : { »

name : openSUSE-SU-2012:1234 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html (string)

}

4 : { »

name : DSA-2551 (string)

refsource : DEBIAN (string)

url : http://www.debian.org/security/2012/dsa-2551 (string)

}

5 : { »

name : 51318 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/51318 (string)

}

6 : { »

name : MDVSA-2012:153 (string)

refsource : MANDRIVA (string)

url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 (string)

}

7 : { »

name : FEDORA-2012-13910 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html (string)

}

8 : { »

name : 55530 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/55530 (string)

}

9 : { »

name : FEDORA-2012-14076 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html (string)

}

10 : { »

name : RHSA-2013:0504 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2013-0504.html (string)

}

11 : { »

name : https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of (string)

refsource : CONFIRM (string)

url : https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of (string)

}

12 : { »

name : openSUSE-SU-2012:1254 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html (string)

}

13 : { »

name : GLSA-201301-06 (string)

refsource : GENTOO (string)

url : http://security.gentoo.org/glsa/glsa-201301-06.xml (string)

}

14 : { »

name : https://kb.isc.org/article/AA-00779 (string)

refsource : CONFIRM (string)

url : https://kb.isc.org/article/AA-00779 (string)

}

15 : { »

name : 1027528 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1027528 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T20:21:04.060Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : FEDORA-2012-14149 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html (string)

}

1 : { »

name : openSUSE-SU-2012:1252 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html (string)

}

2 : { »

name : USN-1571-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : http://www.ubuntu.com/usn/USN-1571-1 (string)

}

3 : { »

name : openSUSE-SU-2012:1234 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html (string)

}

4 : { »

name : DSA-2551 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2012/dsa-2551 (string)

}

5 : { »

name : 51318 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/51318 (string)

}

6 : { »

name : MDVSA-2012:153 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

2 : x_transferred (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 (string)

}

7 : { »

name : FEDORA-2012-13910 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html (string)

}

8 : { »

name : 55530 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/55530 (string)

}

9 : { »

name : FEDORA-2012-14076 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html (string)

}

10 : { »

name : RHSA-2013:0504 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2013-0504.html (string)

}

11 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of (string)

}

12 : { »

name : openSUSE-SU-2012:1254 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html (string)

}

13 : { »

name : GLSA-201301-06 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : http://security.gentoo.org/glsa/glsa-201301-06.xml (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://kb.isc.org/article/AA-00779 (string)

}

15 : { »

name : 1027528 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1027528 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2012-3955 (string)

datePublished : 2012-09-14T10:00:00 (string)

dateReserved : 2012-07-11T00:00:00 (string)

dateUpdated : 2024-08-06T20:21:04.060Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*", "matchCriteriaId": "F27D0660-2F07-430B-A651-5D0B6AA763C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*", "matchCriteriaId": "FBAABA4E-0D34-4644-AC26-E272CEE6C361", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*", "matchCriteriaId": "A5E2FFC7-6E73-463E-846C-C403E41A2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*", "matchCriteriaId": "E9D08285-745D-40AB-9A78-F467712CDA5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*", "matchCriteriaId": "1D115F1F-1A3A-4924-AF10-723B3BB0CBB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r4:*:*:*:*:*:*", "matchCriteriaId": "79F235F0-AD16-4E5B-AB60-97F0BB86AEB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r5:*:*:*:*:*:*", "matchCriteriaId": "E84D5E5B-0336-4166-AAAC-49375E3AF971", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:*:*:*:*:*:*", "matchCriteriaId": "09561C97-563C-4DDC-9EE4-E83EFFD467D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:*:*:*:*:*:*", "matchCriteriaId": "519CF0CC-FB12-4C68-88A0-E0E15738C620", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:*:*:*:*:*:*", "matchCriteriaId": "80EB131E-32E5-458F-8DDA-48835D2D883F", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r6:*:*:*:*:*:*", "matchCriteriaId": "65E0296F-3522-4B43-AF34-CFE1AE7EEC1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*", "matchCriteriaId": "3120B566-2BB6-4A1F-9ED7-E099E2870919", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*", "matchCriteriaId": "78214BCE-9739-40B9-A32E-89C16F7195DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.0:a1:*:*:*:*:*:*", "matchCriteriaId": "40C764F4-8FAD-477E-92E5-79D234673478", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.0:a2:*:*:*:*:*:*", "matchCriteriaId": "36045DDB-48C6-48CA-AAAF-A3487EF7A537", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.0:b1:*:*:*:*:*:*", "matchCriteriaId": "ECA81B95-97B7-4A56-A448-6E5DB6FA5F76", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*", "matchCriteriaId": "A91F4FD9-1797-4B9C-AFB8-EC6445119DA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*", "matchCriteriaId": "4479C934-BF9A-428F-AD22-41C45B70C546", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*", "matchCriteriaId": "11EE9507-6827-4CFF-B3B4-9DC4DE3E0B1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*", "matchCriteriaId": "E6CE1A0F-BE1E-4312-B68F-F09B05929F9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B6DEFA-0977-474A-9871-B03DEE924ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "09F19067-DD99-4B26-8125-0801459ED6B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.2:b1:*:*:*:*:*:*", "matchCriteriaId": "9B63D409-60F5-4AB9-A576-8672D42E071E", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.2:p1:*:*:*:*:*:*", "matchCriteriaId": "CA5D825C-B72A-44F5-AF24-4F3200881ABA", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "9A1C3F3E-CFB2-40F2-89F4-735AAE042F65", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced."}, {"lang": "es", "value": "ISC DHCP v4.1-4.1.x antes de v4.1-ESV-R7 y v4.2.x antes de v4.2.4-P2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) en determinadas circunstancias mediante el establecimiento de un 'lease' IPv6 en un entorno donde la expiraci\u00f3n del leasing es posteriormente reducida.\r\n"}], "id": "CVE-2012-3955", "lastModified": "2024-11-21T01:41:52.910", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-14T10:33:21.307", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0504.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/51318"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201301-06.xml"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2012/dsa-2551"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:153"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/55530"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1027528"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1571-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://kb.isc.org/article/AA-00779"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0504.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/51318"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201301-06.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2012/dsa-2551"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:153"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/55530"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1027528"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1571-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.isc.org/article/AA-00779"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:* (string)

matchCriteriaId : F27D0660-2F07-430B-A651-5D0B6AA763C0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:* (string)

matchCriteriaId : FBAABA4E-0D34-4644-AC26-E272CEE6C361 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:* (string)

matchCriteriaId : A5E2FFC7-6E73-463E-846C-C403E41A2022 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:* (string)

matchCriteriaId : E9D08285-745D-40AB-9A78-F467712CDA5A (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:* (string)

matchCriteriaId : 1D115F1F-1A3A-4924-AF10-723B3BB0CBB9 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r4:*:*:*:*:*:* (string)

matchCriteriaId : 79F235F0-AD16-4E5B-AB60-97F0BB86AEB6 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r5:*:*:*:*:*:* (string)

matchCriteriaId : E84D5E5B-0336-4166-AAAC-49375E3AF971 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:*:*:*:*:*:* (string)

matchCriteriaId : 09561C97-563C-4DDC-9EE4-E83EFFD467D6 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:*:*:*:*:*:* (string)

matchCriteriaId : 519CF0CC-FB12-4C68-88A0-E0E15738C620 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:*:*:*:*:*:* (string)

matchCriteriaId : 80EB131E-32E5-458F-8DDA-48835D2D883F (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:r6:*:*:*:*:*:* (string)

matchCriteriaId : 65E0296F-3522-4B43-AF34-CFE1AE7EEC1E (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 3120B566-2BB6-4A1F-9ED7-E099E2870919 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:* (string)

matchCriteriaId : 78214BCE-9739-40B9-A32E-89C16F7195DC (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.0:a1:*:*:*:*:*:* (string)

matchCriteriaId : 40C764F4-8FAD-477E-92E5-79D234673478 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.0:a2:*:*:*:*:*:* (string)

matchCriteriaId : 36045DDB-48C6-48CA-AAAF-A3487EF7A537 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.0:b1:*:*:*:*:*:* (string)

matchCriteriaId : ECA81B95-97B7-4A56-A448-6E5DB6FA5F76 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:* (string)

matchCriteriaId : A91F4FD9-1797-4B9C-AFB8-EC6445119DA4 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:* (string)

matchCriteriaId : 4479C934-BF9A-428F-AD22-41C45B70C546 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:* (string)

matchCriteriaId : 11EE9507-6827-4CFF-B3B4-9DC4DE3E0B1C (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:* (string)

matchCriteriaId : E6CE1A0F-BE1E-4312-B68F-F09B05929F9C (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 17B6DEFA-0977-474A-9871-B03DEE924ADA (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:* (string)

matchCriteriaId : 09F19067-DD99-4B26-8125-0801459ED6B0 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.2:b1:*:*:*:*:*:* (string)

matchCriteriaId : 9B63D409-60F5-4AB9-A576-8672D42E071E (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.2:p1:*:*:*:*:*:* (string)

matchCriteriaId : CA5D825C-B72A-44F5-AF24-4F3200881ABA (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:isc:dhcp:4.1.2:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 9A1C3F3E-CFB2-40F2-89F4-735AAE042F65 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 036E8A89-7A16-411F-9D31-676313BB7244 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 16F59A04-14CF-49E2-9973-645477EA09DA (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* (string)

matchCriteriaId : 5D37DF0F-F863-45AC-853A-3E04F9FEC7CA (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:* (string)

matchCriteriaId : EF49D26F-142E-468B-87C1-BABEA445255C (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* (string)

matchCriteriaId : E4174F4F-149E-41A6-BBCC-D01114C05F38 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* (string)

matchCriteriaId : B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. (string)

}

1 : { »

lang : es (string)

value : ISC DHCP v4.1-4.1.x antes de v4.1-ESV-R7 y v4.2.x antes de v4.2.4-P2 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) en determinadas circunstancias mediante el establecimiento de un 'lease' IPv6 en un entorno donde la expiración del leasing es posteriormente reducida. (string)

}

]

id : CVE-2012-3955 (string)

lastModified : 2024-11-21T01:41:52.910 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.1 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2012-09-14T10:33:21.307 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html (string)

}

5 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html (string)

}

6 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://rhn.redhat.com/errata/RHSA-2013-0504.html (string)

}

7 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/51318 (string)

}

8 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://security.gentoo.org/glsa/glsa-201301-06.xml (string)

}

9 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2012/dsa-2551 (string)

}

10 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 (string)

}

11 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/55530 (string)

}

12 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1027528 (string)

}

13 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.ubuntu.com/usn/USN-1571-1 (string)

}

14 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of (string)

}

15 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://kb.isc.org/article/AA-00779 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://rhn.redhat.com/errata/RHSA-2013-0504.html (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/51318 (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://security.gentoo.org/glsa/glsa-201301-06.xml (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2012/dsa-2551 (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/55530 (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1027528 (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.ubuntu.com/usn/USN-1571-1 (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://kb.isc.org/article/AA-00779 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2013:0504", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "dhcp-12:4.1.1-34.P1.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-02-20T00:00:00Z"}], "bugzilla": {"description": "dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash", "id": "856766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=856766"}, "csaw": false, "cvss": {"cvss_base_score": "2.9", "cvss_scoring_vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.", "A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash."], "name": "CVE-2012-3955", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2012-09-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-3955\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3955"], "statement": "This issue does not affect the version of dhcp as shipped with Red Hat Enterprise Linux 5.", "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2013:0504 (string)

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

package : dhcp-12:4.1.1-34.P1.el6 (string)

product_name : Red Hat Enterprise Linux 6 (string)

release_date : 2013-02-20T00:00:00Z (string)

}

]

bugzilla : { »

description : dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash (string)

id : 856766 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=856766 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 2.9 (string)

cvss_scoring_vector : AV:A/AC:M/Au:N/C:N/I:N/A:P (string)

status : verified (string)

}

details : [ »

0 : ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. (string)

1 : A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash. (string)

]

name : CVE-2012-3955 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

fix_state : Not affected (string)

package_name : dhcp (string)

product_name : Red Hat Enterprise Linux 5 (string)

}

]

public_date : 2012-09-12T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2012-3955 https://nvd.nist.gov/vuln/detail/CVE-2012-3955 (string)

]

statement : This issue does not affect the version of dhcp as shipped with Red Hat Enterprise Linux 5. (string)

threat_severity : Low (string)

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object