Vulnerability Report

CVE-2011-4868

Title: Isc Dhcp Memory Corruption

Memory Corruption

Proof Of Concept

No public PoC currently indexed for CVE-2011-4868.

CWE Category CWE-399

Published Date Jan 15, 2012

Modified Date Apr 29, 2026

Exploit Status Not Found

Score 6.1 CVSS v2.0

Exploit Probability (EPSS)

0.85%

Vulnerability Summary

CVE-2011-4868: The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.

Impacted Vendors

isc 1

Reference Links

http://security.gentoo.org/glsa/glsa-201301-06.xml https://deepthought.isc.org/article/AA-00595 https://kb.isc.org/article/AA-00705 https://www.isc.org/software/dhcp/advisories/cve-2011-4868 http://security.gentoo.org/glsa/glsa-201301-06.xml https://deepthought.isc.org/article/AA-00595 https://kb.isc.org/article/AA-00705 https://www.isc.org/software/dhcp/advisories/cve-2011-4868

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

6.1

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:A/AC:L/Au:N/C:N/I:N/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2011-4868 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 29, 2026 MODIFIED

Vulnerability data updated via NVD.

April 11, 2025 MODIFIED

Vulnerability data or affected products updated.

January 15, 2012 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:A/AC:L/Au:N/C:N/I:N/A:C

Affected Stack

No specific products linked.