ISC DHCP server 4.2 vulnerability

ISC DHCP is open source software that implements Dynamic Host Configuration Protocols for connections in a local network. DHCP is available for free download under the terms of the ISC License, a BSD style license.

An attacker can crash the service by establishing a TCP connection to a port that is configured for communication with a fail-over node. Hence, the server becomes unresponsive to all normal DHCP traffic and ceases to provide DHCP services to clients. The immediate resolution is a server restart; however, ISC recommends a version upgrade to 4.2.0-P2 or later, where the vulnerability is addressed.

Visit ICS advisory DHCP: Server Hangs with TCP to Failover Peer Port for more details.

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top