CVE-2011-2748
isc-dhcp - denial of service
EPSS 87.8%
Description
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
How to fix CVE-2011-2748
To remediate CVE-2011-2748, upgrade the affected package to a fixed version below.
- Debian/dhcp3—upgrade to 3.1.1-6+lenny6 or later
- Debian/isc-dhcp—upgrade to 4.2.2-1 or later
- Debian/isc-dhcp—upgrade to 4.1.1-P1-15+squeeze3 or later
Is CVE-2011-2748 being exploited?
Likely — EPSS is 87.8%, placing CVE-2011-2748 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (3)
- from 0, < 3.1.1-6+lenny6
- from 0, < 4.2.2-1
- from 0, < 4.1.1-P1-15+squeeze3