CVE-2017-3144
Description
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
17.594
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| DHCP server and client (USN-3586-1) isc-dhcp-relay_4.3.3-5ubuntu12.9_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-relay_4.3.3-5ubuntu12.9_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-relay_4.2.4-7ubuntu12.12_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-relay_4.2.4-7ubuntu12.12_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-client_4.3.3-5ubuntu12.9_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-client_4.3.3-5ubuntu12.9_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-client_4.2.4-7ubuntu12.12_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-client_4.2.4-7ubuntu12.12_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server_4.3.3-5ubuntu12.9_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server_4.3.3-5ubuntu12.9_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server_4.2.4-7ubuntu12.12_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server_4.2.4-7ubuntu12.12_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server-ldap_4.3.3-5ubuntu12.9_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server-ldap_4.3.3-5ubuntu12.9_amd64.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server-ldap_4.2.4-7ubuntu12.12_i386.deb | Linux |
| DHCP server and client (USN-3586-1) isc-dhcp-server-ldap_4.2.4-7ubuntu12.12_amd64.deb | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhclient-4.2.5-58.el7_4.1.x86_64.rpm | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhcp-4.2.5-58.el7_4.1.x86_64.rpm | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhcp-common-4.2.5-58.el7_4.1.x86_64.rpm | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhcp-devel-4.2.5-58.el7_4.1.i686.rpm | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhcp-devel-4.2.5-58.el7_4.1.x86_64.rpm | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhcp-libs-4.2.5-58.el7_4.1.i686.rpm | Linux |
| (RHSA-2018:0158) Moderate: dhcp security update dhcp-libs-4.2.5-58.el7_4.1.x86_64.rpm | Linux |
| Uncontrolled Resource Consumption Vulnerability (CVE-2017-3144) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234