CVE-2012-3955 : ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.

Published 2012-09-14 10:33:21

Updated 2020-01-08 17:16:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Threat overview for CVE-2012-3955

Top countries where our scanners detected CVE-2012-3955

Top open port discovered on systems with this issue 8200

IPs affected by CVE-2012-3955 341

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2012-3955!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2012-3955

Probability of exploitation activity in the next 30 days: 2.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-3955

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.1	HIGH	AV:N/AC:M/Au:N/C:N/I:N/A:C	8.6	6.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

References for CVE-2012-3955

http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html

openSUSE-SU-2012:1252-1: moderate: dhcp
Mailing List;Third Party Advisory
http://www.debian.org/security/2012/dsa-2551

Debian -- Security Information -- DSA-2551-1 isc-dhcp
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0504.html

RHSA-2013:0504 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of

CVE-2012-3955 Denial of Service (DoS) vulnerability in ISC DHCP | Oracle Third Party Vulnerability Resolution Blog
Third Party Advisory
http://www.securityfocus.com/bid/55530

ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html

openSUSE-SU-2012:1254-1: moderate: dhcp
Mailing List;Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html

[SECURITY] Fedora 18 Update: dhcp-4.2.4-15.P2.fc18
Third Party Advisory
https://kb.isc.org/article/AA-00779

CVE-2012-3955: Reducing the expiration time for an IPv6 lease may cause the server to crash - Security Advisories
Vendor Advisory
http://www.securitytracker.com/id?1027528

ISC DHCP IPv6 Lease Expiration Bug Lets Remote Users Deny Service - SecurityTracker
Third Party Advisory;VDB Entry
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html

[SECURITY] Fedora 17 Update: dhcp-4.2.4-13.P2.fc17
Third Party Advisory
http://www.ubuntu.com/usn/USN-1571-1

USN-1571-1: DHCP vulnerability | Ubuntu security notices
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html

openSUSE-SU-2012:1234-1: moderate: dhcp
Mailing List;Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html

[SECURITY] Fedora 16 Update: dhcp-4.2.4-1.P2.fc16
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2012:153

mandriva.com
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201301-06.xml

ISC DHCP: Denial of Service (GLSA 201301-06) — Gentoo security
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2012-3955

Debian » Debian Linux » Version: 6.0
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.1 Update B3
cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.1 Update RC1
cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.1 Update B1
cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.1 Update B2
cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv
cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R1
cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R2
cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R3
cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R3 B1
cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update RC1
cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.0
cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.2
cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.0 Update B1
cpe:2.3:a:isc:dhcp:4.1.0:b1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.0 Update A2
cpe:2.3:a:isc:dhcp:4.1.0:a2:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.0 Update A1
cpe:2.3:a:isc:dhcp:4.1.0:a1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R4
cpe:2.3:a:isc:dhcp:4.1-esv:r4:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R5
cpe:2.3:a:isc:dhcp:4.1-esv:r5:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R5 B1
cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R5 Rc1
cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R5 Rc2
cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1-esv Update R6
cpe:2.3:a:isc:dhcp:4.1-esv:r6:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.2 Update B1
cpe:2.3:a:isc:dhcp:4.1.2:b1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.2 Update P1
cpe:2.3:a:isc:dhcp:4.1.2:p1:*:*:*:*:*:*
Matching versions
ISC » Dhcp » Version: 4.1.2 Update RC1
cpe:2.3:a:isc:dhcp:4.1.2:rc1:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 11.04
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 11.10
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-3955

Threat overview for CVE-2012-3955

Exploit prediction scoring system (EPSS) score for CVE-2012-3955

CVSS scores for CVE-2012-3955

References for CVE-2012-3955

Products affected by CVE-2012-3955