Infinite loop in uid_hash_delete (possible DoS)

sscdvp at gmail.com sscdvp at gmail.com
Sat Aug 13 20:17:27 UTC 2011


+1
It seems that all previous ISC DHCP versions (including 3.1-ESV) are
vulnerable to that bug. Because the code related to uid_hash_delete(),
uid_hash_add() has no changes since it was written for 3.0 version (only
minor change: lease_hash_t was split to two lease_id_hash_t and
lease_ip_hash_t since 3.0).

The subject should be renamed to "Infinite loop in uid_hash_delete" because
the code snippet was taken from uid_hash_delete().

Best regards,
Serghei Samsi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20110813/ca02079e/attachment.html>


More information about the dhcp-users mailing list