From secunia security advisory at $URL:
The vulnerability is caused due to a NULL pointer dereference error within the handling of the DHCPv6 lease structure when updating Dynamic DNS lease status, which can be exploited to cause a crash by sending specially crafted DHCP packets.
Successful exploitation requires that DHCPv6 and Dynamic DNS are used.
The vulnerability is reported in versions 4.2.2, 4.2.3, and 4.2.3-P1.
Update to version 4.2.3-P2.
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using
Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the
DHCPv6 lease structure, which allows remote attackers to cause a denial of
service (NULL pointer dereference and daemon crash) via crafted packets
related to a lease-status update.
Stabilization completed in bug 428120.
Already on existing GLSA request.
This issue was resolved and addressed in
GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml
by GLSA coordinator Stefan Behte (craig).