In association with heise online

28 January 2011, 16:39

Update fixes DoS vulnerability in DHCPv6 server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Internet Systems Consortium (ISC) has released an update to address a denial of service (DoS) vulnerability for the DHCPv6 server. According to the ISC report, when the DHCPv6 server processes a message for an address that was previously declined it can trigger an assert failure resulting in the server crashing. This can be remotely exploited to disrupt the allocation of IPv6 addresses. This issue only affects DHCPv6 servers – DHCPv4 servers are unaffected.

According to the ISC, versions 4.0.x to 4.2.x of the DHCPv6 server are affected. Upgrading to 4.1.2-P1, 4.1-ESV-R1 or 4.2.1b1 solves the problem.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit