logo
DATABASE RESOURCES PRICING ABOUT US

ISC DHCP: dhcpclient Remote execution of arbitrary code

Description

### Background ISC DHCP is the reference implementation of the Dynamic Host Configuration Protocol as specified in RFC 2131. ### Description The Mandriva Linux Engineering Team has reported a stack-based buffer overflow in the subnet-mask handling of dhclient. ### Impact A remote attacker might set up a rogue DHCP server in a victim's local network, possibly leading to the execution of arbitrary code with root privileges. ### Workaround There is no known workaround at this time. ### Resolution All ISC DHCP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/dhcp-3.1.1-r1"


Affected Package


OS OS Version Package Name Package Version
Gentoo any net-misc/dhcp 3.1.1-r1

Related