Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dhcpcd
(Dhcpcd_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-05-05 | CVE-2019-11766 | dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature. | Debian_linux, Dhcpcd | 9.8 | ||
| 2019-04-28 | CVE-2019-11579 | dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED. | Debian_linux, Dhcpcd | 5.3 | ||
| 2019-04-28 | CVE-2019-11578 | auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. | Dhcpcd | 5.9 | ||
| 2019-04-28 | CVE-2019-11577 | dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses. | Dhcpcd | 9.8 | ||
| 2017-02-07 | CVE-2016-1504 | dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length. | Dhcpcd | 7.5 | ||
| 2016-04-17 | CVE-2016-1503 | dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634. | Dhcpcd, Android | 9.8 | ||
| 2014-09-04 | CVE-2014-6060 | The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again. | Dhcpcd, Android | N/A | ||
| 2016-04-11 | CVE-2012-6700 | The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response. | Debian_linux, Dhcpcd | 7.5 | ||
| 2016-04-11 | CVE-2012-6699 | The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response. | Debian_linux, Dhcpcd | 7.5 | ||
| 2016-04-11 | CVE-2012-6698 | The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response. | Debian_linux, Dhcpcd | 7.5 |