CVE-2006-3122

Publication date 9 August 2006

Last updated 24 July 2024

The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
dhcp	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Fixed 2.0pl5-19.5ubuntu2
	7.04 feisty	Fixed 2.0pl5-19.5ubuntu2
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

Notes

kees

server denial-of-service

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-3122