CVE-2015-8461, a DHCP security vulnerability, was announced today.

Brian Conry bconry at
Tue Jan 12 23:16:29 UTC 2016

On 2016-01-12 17:13, Apu wrote:
> Michael,
> The advisory includes this text regarding workarounds
> None likely, but in some environments following the advice from
> can substantially reduce the risk by limiting the exposure of a DHCP
> server to "controlled" networks and clients.
> however the link returns an error requesting a username and password.
> Is that article available publicly?

It was supposed to be before, and it is now.

Thanks for reporting the problem with the link.

Brian Conry
ISC Support

More information about the dhcp-users mailing list