Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Title ISC DHCP server fails to handle zero-length client identifier
Name VU#541921 First vendor Publication 2010-07-14
Vendor VU-CERT Last vendor Modification 2010-07-14
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


Vulnerability Note VU#541921

ISC DHCP server fails to handle zero-length client identifier


A vulnerability in ISC DHCP could allow a remote attacker to cause the DHCP server to exit, resulting in a denial of service.

I. Description

ISC DHCP is a commonly redistributed reference implementation of the Dynamic Host Configuration Protocol (DHCP), including a server, client, and relay agent. The server component contains a fencepost error in the way that it handles client identifiers. As a result, a request from a client system containing a zero-length client id will cause the server to exit.

ISC indicates that this vulnerability affects ISC-DHCP versions 4.0.x, 4.1.x, and 4.2.x but not 3.1.x. We are aware of publicly available exploit code for this vulnerability.

II. Impact

A remote unauthenticated attacker may cause the DHCP server to exit, thereby causing a denial of service.

III. Solution

Upgrade or apply a patch from the vendor

Patches and updated versions of the software have been released to address this issue. Please see the Systems Affected section of this document for more information.

Users who compile their DHCP software from the original source distribution should upgrade to one of the following versions: 4.1.1-P1 or 4.0.2-P1.

Vendor Information

VendorStatusDate NotifiedDate Updated
Fedora ProjectAffected2010-07-14
Internet Systems ConsortiumAffected2010-07-14
Mandriva S. A.Affected2010-07-14




Thanks to ISC for reporting this vulnerability.

This document was written by Chad R Dougherty.

Other Information

Date Public:2010-06-01
Date First Published:2010-07-14
Date Last Updated:2010-07-14
CERT Advisory: 
US-CERT Technical Alerts: 
Document Revision:7

Original Source

Url : http://www.kb.cert.org/vuls/id/541921

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-189 Numeric Errors (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Application 15

ExploitDB Exploits

id Description
2010-07-03 ISC-DHCPD Denial of Service

OpenVAS Exploits

Date Description
2011-04-21 Name : Fedora Update for dhcp FEDORA-2011-0848
File : nvt/gb_fedora_2011_0848_dhcp_fc13.nasl
2010-11-23 Name : Fedora Update for dhcp FEDORA-2010-17303
File : nvt/gb_fedora_2010_17303_dhcp_fc13.nasl
2010-06-25 Name : Fedora Update for dhcp FEDORA-2010-10083
File : nvt/gb_fedora_2010_10083_dhcp_fc11.nasl
2010-06-25 Name : Fedora Update for dhcp FEDORA-2010-9479
File : nvt/gb_fedora_2010_9479_dhcp_fc12.nasl
2010-06-18 Name : Fedora Update for dhcp FEDORA-2010-9433
File : nvt/gb_fedora_2010_9433_dhcp_fc13.nasl
2010-06-15 Name : Mandriva Update for dhcp MDVSA-2010:114 (dhcp)
File : nvt/gb_mandriva_MDVSA_2010_114.nasl
2010-04-09 Name : Mandriva Update for rpmdrake MDVA-2010:114 (rpmdrake)
File : nvt/gb_mandriva_MDVA_2010_114.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
65246 ISC DHCP Zero-length Client ID Remote DoS

Snort® IPS/IDS

Date Description
2014-01-10 ISC DHCP server zero length client ID denial of service attempt
RuleID : 18935 - Revision : 6 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2010-11-23 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17303.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-114.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-10083.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-9433.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-9479.nasl - Type : ACT_GATHER_INFO