CVEs Involved: - CVE-2014-4701: Related to the vulnerability affecting the plugin as reported in http://seclists.org/fulldisclosure/2014/May/74. - CVE-2014-4702: Related to a new vector information for being announced. - CVE-2014-4703: Related to the vulnerability affecting the plugin as reported in http://seclists.org/fulldisclosure/2014/Jun/141. Affected Components: - plugin. - plugin. Fixes: - CVE-2014-4701 was fixed in version 2.0.2. - CVE-2014-4702 was introduced with . - CVE-2014-4703 was fixed in version 2.0.3. Additional Context: - The situation is unusual as two cases where a researcher reported part of the problem first, then the vendor released a fix without modifying the component mentioned by the researcher. - There is a possibility that the problem might be parallel amongst the components. - The vendor has mentioned nothing else in version 2.0.3 about check_dhcp, but the previously mentioned issues are distinct.