From secunia security advisory at $URL: Description: The vulnerability is caused due to a NULL pointer dereference error within the handling of the DHCPv6 lease structure when updating Dynamic DNS lease status, which can be exploited to cause a crash by sending specially crafted DHCP packets. Successful exploitation requires that DHCPv6 and Dynamic DNS are used. The vulnerability is reported in versions 4.2.2, 4.2.3, and 4.2.3-P1. Solution: Update to version 4.2.3-P2.
CVE-2011-4868 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4868): The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
Stabilization completed in bug 428120. Already on existing GLSA request.
This issue was resolved and addressed in GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml by GLSA coordinator Stefan Behte (craig).