{"id":"CVE-2016-2774","details":"ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.","modified":"2026-03-20T11:08:15.898112Z","published":"2016-03-09T15:59:00.147Z","related":["SUSE-SU-2016:1692-1","SUSE-SU-2016:1735-1","SUSE-SU-2016:1791-1","SUSE-SU-2016:2024-1"],"references":[{"type":"ADVISORY","url":"https://usn.ubuntu.com/3586-1/"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183458.html"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183640.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00066.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2590.html"},{"type":"ADVISORY","url":"https://kb.isc.org/article/AA-01354"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00023.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/84208"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1035196"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/dhcp","events":[{"introduced":"0"},{"last_affected":"b39dd193dc3d189d3669866d73a87172545e2a4b"},{"introduced":"0"},{"last_affected":"9f35323a8abe2ed4bc567b2b2613fc3ef9254e8f"},{"introduced":"0"},{"last_affected":"2d5ca865b7268d2f60a485c9a50f96b7890dd51f"},{"introduced":"0"},{"last_affected":"c4a3c3ee213715ff5a3f6255001148e333029741"},{"introduced":"0"},{"last_affected":"dda169525b6109935c76d2a7f0c479ff4fda0e82"},{"introduced":"0"},{"last_affected":"4f5c8255511e3600288eddfa6a4e594fde107458"},{"introduced":"0"},{"last_affected":"2a00efe8700df8bfd11881fdabeb18f33e8d9fe6"},{"introduced":"0"},{"last_affected":"331193dd54344dc74ca1987797d99bb57ba277fe"},{"introduced":"0"},{"last_affected":"240d9b62e137cad28a08893326ab66d4cd7bbb89"},{"introduced":"0"},{"last_affected":"9ff9a4e8131e7b5f144050b538ff866f89c98ffc"},{"introduced":"0"},{"last_affected":"a43c1faf96b8647d2a87fc0b5ef044c79cc1c852"},{"introduced":"0"},{"last_affected":"d6f132e4523d4a317f18a395ade0c4927867bc67"},{"introduced":"0"},{"last_affected":"f9eeba56095a43b985292025a2b4a46085cff2ea"},{"introduced":"0"},{"last_affected":"a185640cf1d8fd71b5c62ac4b4c9572996248b63"},{"introduced":"0"},{"last_affected":"b54c35c0c840395bc1e62dd8484eab610837d01a"},{"introduced":"0"},{"last_affected":"f615b2d9be5ebe1762de0677a1e5c151519217aa"},{"introduced":"0"},{"last_affected":"703432ad969076f6a4eb9566db5634cceeb12572"},{"introduced":"0"},{"last_affected":"5e1ef01178527149e5673002dbdc3be18046c77e"},{"introduced":"0"},{"last_affected":"b8ee38f1a50299e35c37a0eeadce30051dda7696"},{"introduced":"0"},{"last_affected":"db3e58c1515b19d6fb4f1aa46445cbbcb4261e65"},{"introduced":"0"},{"last_affected":"192a3579019c9f0c4095371d783c22efd74ba9bf"},{"introduced":"0"},{"last_affected":"034fe1d0edc30d6912718cb547f12b8c215b4cf2"},{"introduced":"0"},{"last_affected":"c57dbea3ca687b929a7bf8171c21ad9dc66461bf"},{"introduced":"0"},{"last_affected":"847b32280a9d52c3f30db4dc2ed620abbeda708c"},{"introduced":"0"},{"last_affected":"b5672a6ffffad5c2455e5d50e4c2e5ef1e99f925"},{"introduced":"0"},{"last_affected":"2a4ff20abc29fe2647de68e6a6eea8e49e6ce941"},{"introduced":"0"},{"last_affected":"7fe055362676093949c9a834d89c5ef5659d2444"},{"introduced":"0"},{"last_affected":"d104d45bfe246012dca00a8a3b358d3553a5ef68"},{"introduced":"0"},{"last_affected":"7fe055362676093949c9a834d89c5ef5659d2444"},{"introduced":"0"},{"last_affected":"9f35323a8abe2ed4bc567b2b2613fc3ef9254e8f"},{"introduced":"0"},{"last_affected":"fe602318cf7a48bb01ba243a3856b567c5b4032b"},{"introduced":"0"},{"last_affected":"896b022e2fcebc3e34f918a283ad867409ad293d"},{"introduced":"0"},{"last_affected":"d5240f1a68697c6eb0ecab799d3b97332b564a55"},{"introduced":"0"},{"last_affected":"fe602318cf7a48bb01ba243a3856b567c5b4032b"},{"introduced":"0"},{"last_affected":"1aaff8add2aa2c6e28624d449fc86d969fec7817"},{"introduced":"0"},{"last_affected":"9ff9a4e8131e7b5f144050b538ff866f89c98ffc"},{"introduced":"0"},{"last_affected":"bb082e7460a5a56cd9f548b00dee88489b7f8ff6"},{"introduced":"0"},{"last_affected":"bb082e7460a5a56cd9f548b00dee88489b7f8ff6"},{"introduced":"0"},{"last_affected":"288b7334a94a6e3847cba3119d307b2c81548079"},{"introduced":"0"},{"last_affected":"079f747eb20d40e80c65e8a984d6c50860560b3c"},{"introduced":"0"},{"last_affected":"7135bc87e90a5703a0ea909f2bb81d8826e2bfb3"},{"introduced":"0"},{"last_affected":"ff48425a7aa70ea9bfcc54acdedb18f625ea3d6e"},{"introduced":"0"},{"last_affected":"7135bc87e90a5703a0ea909f2bb81d8826e2bfb3"},{"introduced":"0"},{"last_affected":"ff48425a7aa70ea9bfcc54acdedb18f625ea3d6e"},{"introduced":"0"},{"last_affected":"7135bc87e90a5703a0ea909f2bb81d8826e2bfb3"},{"introduced":"0"},{"last_affected":"ff48425a7aa70ea9bfcc54acdedb18f625ea3d6e"},{"introduced":"0"},{"last_affected":"e9758a97b9265d4d7b53109677ff5d984bf97bf7"},{"introduced":"0"},{"last_affected":"30fd66e72e822912d691a8e4dcc095b24c8e7b35"},{"introduced":"0"},{"last_affected":"901f7fdaf7f2ee578a5dfd9b1553383dfa097fb6"},{"introduced":"0"},{"last_affected":"901f7fdaf7f2ee578a5dfd9b1553383dfa097fb6"},{"introduced":"0"},{"last_affected":"fb2cb60bb063e4db0a03701cdda9a2ef63160691"},{"introduced":"0"},{"last_affected":"8d0ace77954985ac7531416f06b58773fd62b7c6"},{"introduced":"0"},{"last_affected":"8d0af0a88f0d8e8470b226bf9ce74fb3912c8f32"},{"introduced":"0"},{"last_affected":"ada088c43359b56f6ed57f231ef26525df322b9e"},{"introduced":"0"},{"last_affected":"b597e6e952c1af5e25bbcb29d09bcc8d6e447ea9"},{"introduced":"0"},{"last_affected":"a0e5ad2c2acf4c06ae4d04b517f9fc541f70182c"},{"introduced":"0"},{"last_affected":"20287f2c336d7cedc77068e8ac04e9f891ce49d6"},{"introduced":"0"},{"last_affected":"12eb3b58d61563e525341172f870a14b918d613c"},{"introduced":"0"},{"last_affected":"587175c8ac0c8c13b60cc92d20aaf5cd6c34c183"},{"introduced":"0"},{"last_affected":"587175c8ac0c8c13b60cc92d20aaf5cd6c34c183"},{"introduced":"0"},{"last_affected":"0b0c889abe0096629633f1f876ff715ba31e0556"},{"introduced":"0"},{"last_affected":"5bc351c7e933a6f43f1593f45ef8e98d163231da"},{"introduced":"0"},{"last_affected":"22218b3276f3e9f9527c1fd591abb4abf8e3c5ec"},{"introduced":"0"},{"last_affected":"44589642cd2b2e24f4e4f611734319d12eb2a6d7"},{"introduced":"0"},{"last_affected":"880bc8d77ad503ad09a35712c65bde75ebda8e49"},{"introduced":"0"},{"last_affected":"880bc8d77ad503ad09a35712c65bde75ebda8e49"},{"introduced":"0"},{"last_affected":"9b334624f7b1324ae43053261e40912716d35430"},{"introduced":"0"},{"last_affected":"e02770350746d9324a48df9e0cd4b345459865c2"},{"introduced":"0"},{"last_affected":"a60557510f06014a7c10ec15ab67a158bc6c2175"},{"introduced":"0"},{"last_affected":"dc9ea729746e1e1d34b1a7bc93b5beab0509108d"},{"introduced":"0"},{"last_affected":"15f1472b1c6b866ed968172c92c24ececa3beadf"},{"introduced":"0"},{"last_affected":"e423d73b34cb7a684d5be15ee918a734ae64612f"},{"introduced":"0"},{"last_affected":"eef2e6ebea5a34dd646898bc71f49c09436ed6a9"},{"introduced":"0"},{"last_affected":"8541c4fcbc6364800775234bacfe646ef16bfd38"},{"introduced":"0"},{"last_affected":"bea90f27a71c26785ea892fe529a24e65e925709"},{"introduced":"0"},{"last_affected":"ec66debae20c2d6bc7ade627ec6874d0260f8967"},{"introduced":"0"},{"last_affected":"dbd908ad1e58fdd20f24cde23ca5670b222a741e"},{"introduced":"0"},{"last_affected":"5de62c8b34a94e66269b39c663cd222047216306"},{"introduced":"0"},{"last_affected":"35baec748aef06f0a06c3adbde6d7467255c2829"},{"introduced":"0"},{"last_affected":"35baec748aef06f0a06c3adbde6d7467255c2829"},{"introduced":"0"},{"last_affected":"2603fcb3935e3454dae343005af912cb9ab7c267"},{"introduced":"0"},{"last_affected":"a6365d17d1d8601601539b58f9a3aa03415a6dbb"},{"introduced":"0"},{"last_affected":"476ae2d33f76c0403ecd1873ea6810c437398298"},{"introduced":"0"},{"last_affected":"d96b2196c02bdce419a07e0e20768522db1d97d0"},{"introduced":"0"},{"last_affected":"c2419dcade8104525e466820c1503ce84a031973"},{"introduced":"0"},{"last_affected":"b3b69c1cb447978579b375b25867f710147b96ca"},{"introduced":"0"},{"last_affected":"59990751bad8438d84d22a7f621ebc7746851cb9"},{"introduced":"0"},{"last_affected":"6d5848b767f17c3ed4545d0367270c0795058fa7"},{"introduced":"0"},{"last_affected":"5222080182d1413bd9f69e5589dd53bd4d300cee"},{"introduced":"0"},{"last_affected":"f02df8e557d93f388d4040a3a4610cc48391edc6"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.1-esv-NA"},{"introduced":"0"},{"last_affected":"4.1-esv-r1"},{"introduced":"0"},{"last_affected":"4.1-esv-r10"},{"introduced":"0"},{"last_affected":"4.1-esv-r10_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r11_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r11_rc1"},{"introduced":"0"},{"last_affected":"4.1-esv-r11_rc2"},{"introduced":"0"},{"last_affected":"4.1-esv-r12"},{"introduced":"0"},{"last_affected":"4.1-esv-r12_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r2"},{"introduced":"0"},{"last_affected":"4.1-esv-r3"},{"introduced":"0"},{"last_affected":"4.1-esv-r3_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r4"},{"introduced":"0"},{"last_affected":"4.1-esv-r5"},{"introduced":"0"},{"last_affected":"4.1-esv-r5_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r5_rc1"},{"introduced":"0"},{"last_affected":"4.1-esv-r5_rc2"},{"introduced":"0"},{"last_affected":"4.1-esv-r6"},{"introduced":"0"},{"last_affected":"4.1-esv-r7"},{"introduced":"0"},{"last_affected":"4.1-esv-r8"},{"introduced":"0"},{"last_affected":"4.1-esv-r8_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r8_rc1"},{"introduced":"0"},{"last_affected":"4.1-esv-r9"},{"introduced":"0"},{"last_affected":"4.1-esv-r9_b1"},{"introduced":"0"},{"last_affected":"4.1-esv-r9_rc1"},{"introduced":"0"},{"last_affected":"4.1.0-NA"},{"introduced":"0"},{"last_affected":"4.1.0-a1"},{"introduced":"0"},{"last_affected":"4.1.0-a2"},{"introduced":"0"},{"last_affected":"4.1.0-b1"},{"introduced":"0"},{"last_affected":"4.1.1-NA"},{"introduced":"0"},{"last_affected":"4.1.1-b1"},{"introduced":"0"},{"last_affected":"4.1.1-b2"},{"introduced":"0"},{"last_affected":"4.1.1-b3"},{"introduced":"0"},{"last_affected":"4.1.1-p1"},{"introduced":"0"},{"last_affected":"4.1.1-rc1"},{"introduced":"0"},{"last_affected":"4.1.2-NA"},{"introduced":"0"},{"last_affected":"4.1.2-b1"},{"introduced":"0"},{"last_affected":"4.1.2-p1"},{"introduced":"0"},{"last_affected":"4.1.2-rc1"},{"introduced":"0"},{"last_affected":"4.2.0-NA"},{"introduced":"0"},{"last_affected":"4.2.0-a1"},{"introduced":"0"},{"last_affected":"4.2.0-a2"},{"introduced":"0"},{"last_affected":"4.2.0-b1"},{"introduced":"0"},{"last_affected":"4.2.0-b2"},{"introduced":"0"},{"last_affected":"4.2.0-p1"},{"introduced":"0"},{"last_affected":"4.2.0-p2"},{"introduced":"0"},{"last_affected":"4.2.0-rc1"},{"introduced":"0"},{"last_affected":"4.2.1-NA"},{"introduced":"0"},{"last_affected":"4.2.1-b1"},{"introduced":"0"},{"last_affected":"4.2.1-p1"},{"introduced":"0"},{"last_affected":"4.2.1-rc1"},{"introduced":"0"},{"last_affected":"4.2.2-NA"},{"introduced":"0"},{"last_affected":"4.2.2-b1"},{"introduced":"0"},{"last_affected":"4.2.2-rc1"},{"introduced":"0"},{"last_affected":"4.2.3-NA"},{"introduced":"0"},{"last_affected":"4.2.3-p1"},{"introduced":"0"},{"last_affected":"4.2.3-p2"},{"introduced":"0"},{"last_affected":"4.2.4-NA"},{"introduced":"0"},{"last_affected":"4.2.4-b1"},{"introduced":"0"},{"last_affected":"4.2.4-p1"},{"introduced":"0"},{"last_affected":"4.2.4-p2"},{"introduced":"0"},{"last_affected":"4.2.4-rc1"},{"introduced":"0"},{"last_affected":"4.2.4-rc2"},{"introduced":"0"},{"last_affected":"4.2.5-NA"},{"introduced":"0"},{"last_affected":"4.2.5-b1"},{"introduced":"0"},{"last_affected":"4.2.5-p1"},{"introduced":"0"},{"last_affected":"4.2.5-rc1"},{"introduced":"0"},{"last_affected":"4.2.6-NA"},{"introduced":"0"},{"last_affected":"4.2.6-b1"},{"introduced":"0"},{"last_affected":"4.2.6-rc1"},{"introduced":"0"},{"last_affected":"4.2.7-NA"},{"introduced":"0"},{"last_affected":"4.2.7-b1"},{"introduced":"0"},{"last_affected":"4.2.7-rc1"},{"introduced":"0"},{"last_affected":"4.2.8-NA"},{"introduced":"0"},{"last_affected":"4.2.8-b1"},{"introduced":"0"},{"last_affected":"4.2.8-rc1"},{"introduced":"0"},{"last_affected":"4.2.8-rc2"},{"introduced":"0"},{"last_affected":"4.3.0-NA"},{"introduced":"0"},{"last_affected":"4.3.0-a1"},{"introduced":"0"},{"last_affected":"4.3.0-b1"},{"introduced":"0"},{"last_affected":"4.3.0-rc1"},{"introduced":"0"},{"last_affected":"4.3.1-NA"},{"introduced":"0"},{"last_affected":"4.3.1-b1"},{"introduced":"0"},{"last_affected":"4.3.1-rc1"},{"introduced":"0"},{"last_affected":"4.3.2-NA"},{"introduced":"0"},{"last_affected":"4.3.2-b1"},{"introduced":"0"},{"last_affected":"4.3.2-rc1"},{"introduced":"0"},{"last_affected":"4.3.2-rc2"},{"introduced":"0"},{"last_affected":"4.3.3-NA"},{"introduced":"0"},{"last_affected":"4.3.3-b1"}]}}],"versions":["BCTEL_SPECIAL_19991124","DHCP-970305","DHCP-970305A","DHCP-970328","DHCP-970329","DHCP-970602","DHCP-970607","DHCP-970609","DHCP-971122","DHCP-971202","DHCP_970226A","DHCPv6_parsing_base","HEAD-MERGE-V3-0-3RC1","HEAD-MERGE-V3-0-3RC1_base","NetBSD_1_3_Alpha","V3-ALPHA-19990315","V3-ALPHA-19990326","V3-ALPHA-19990329","V3-ALPHA-19990329A","V3-ALPHA-19990330","V3-ALPHA-19990408","V3-ALPHA-19990412","V3-ALPHA-19990423","V3-ALPHA-19990424","V3-ALPHA-19990506","V3-ALPHA-19990507","V3-ALPHA-19990527","V3-ALPHA-19990608","V3-BETA-1-PATCH-0","V3-BETA-2-PATCH-1","V3-BETA-2-PATCH-10","V3-BETA-2-PATCH-11","V3-BETA-2-PATCH-12","V3-BETA-2-PATCH-13","V3-BETA-2-PATCH-14","V3-BETA-2-PATCH-15","V3-BETA-2-PATCH-16","V3-BETA-2-PATCH-18","V3-BETA-2-PATCH-19","V3-BETA-2-PATCH-2","V3-BETA-2-PATCH-20","V3-BETA-2-PATCH-21","V3-BETA-2-PATCH-22","V3-BETA-2-PATCH-23","V3-BETA-2-PATCH-24","V3-BETA-2-PATCH-4","V3-BETA-2-PATCH-7","V3-BETA-2-PATCH-8","V3-BETA-2-PATCH-9","V3-RC1","V3-RC2-PATCH-1","V3-RC3","V3_RC4","carrel-2","v4_0_0a1","v4_0_0a2","v4_0_0a3","v4_0_0b1","v4_0_0b2","v4_0_0b3","v4_0_0rc1","v4_1_0","v4_1_0a1","v4_1_0a2","v4_1_0b1","v4_1_0rc1","v4_1_1","v4_1_1b1","v4_1_1b2","v4_1_1b3","v4_1_1rc1","v4_1_2","v4_1_2b1","v4_1_2rc1","v4_1_esv_r0","v4_1_esv_r1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2774.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.1-esv-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"17.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}