ISC DHCP DHCPv6 Vulnerability

The Internet Systems Consortium, the makers of the open source DHCP server, indicated the DHCPv6 service may crash after processing a DHCPv6 decline message. This vulnerability has been assigned CVE-2011-0413, affects versions 4.0.x-4.2.x, and may be remotely exploitable.

Note: This DoS only affects DHCPv6 servers and there is currently no workaround.




Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org


ISC Handler
Jan 27th 2011
Another reason to get DNS server information added to IPv6 router advertisements, and make DHCP obsolete in IPv6.

Jan 28 2011 - "... Solution: The vendor has issued a fix (4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1).
The vendor's advisory is available at:
Vendor URL:
"... Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1..."
