Lucene search
Copyright (C) 2010 Greenbone AGOPENVAS:1361412562310840379HistoryJan 29, 2010 - 12:00 a.m.
Ubuntu: Security Advisory (USN-803-2)
2010-01-2900:00:00
Copyright (C) 2010 Greenbone AG
plugins.openvas.org
12
7.7 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.076 Low
EPSS
Percentile
94.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2010 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.840379");
script_cve_id("CVE-2009-0692");
script_tag(name:"creation_date", value:"2010-01-29 13:09:25 +0000 (Fri, 29 Jan 2010)");
script_version("2024-02-02T05:06:04+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:04 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Ubuntu: Security Advisory (USN-803-2)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2010 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(8\.10|9\.04|9\.10)");
script_xref(name:"Advisory-ID", value:"USN-803-2");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-803-2");
script_tag(name:"summary", value:"The remote host is missing an update for the 'dhcp3' package(s) announced via the USN-803-2 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to
fix the vulnerability was not properly applied on Ubuntu 8.10 and higher.
Even with the patch improperly applied, the default compiler options
reduced the vulnerability to a denial of service. Additionally, in Ubuntu
9.04 and higher, users were also protected by the AppArmor dhclient3
profile. This update fixes the problem.
Original advisory details:
It was discovered that the DHCP client as included in dhcp3 did not verify
the length of certain option fields when processing a response from an IPv4
dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a
malicious dhcp server, a remote attacker could cause a denial of service or
execute arbitrary code as the user invoking the program, typically the
'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker
should only be able to cause a denial of service in the DHCP client. In
Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3
profile.");
script_tag(name:"affected", value:"'dhcp3' package(s) on Ubuntu 8.10, Ubuntu 9.04, Ubuntu 9.10.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU8.10") {
if(!isnull(res = isdpkgvuln(pkg:"dhcp3-client", ver:"3.1.1-1ubuntu2.2", rls:"UBUNTU8.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"dhcp3-client-udeb", ver:"3.1.1-1ubuntu2.2", rls:"UBUNTU8.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU9.04") {
if(!isnull(res = isdpkgvuln(pkg:"dhcp-client", ver:"3.1.1-5ubuntu8.2", rls:"UBUNTU9.04"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"dhcp3-client", ver:"3.1.1-5ubuntu8.2", rls:"UBUNTU9.04"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU9.10") {
if(!isnull(res = isdpkgvuln(pkg:"dhcp-client", ver:"3.1.2-1ubuntu7.1", rls:"UBUNTU9.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"dhcp3-client", ver:"3.1.2-1ubuntu7.1", rls:"UBUNTU9.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
oraclelinux
oraclelinux
dhcp security update
2009-07-14 00:00:00
dhcp security update
2009-07-14 00:00:00
exploitpack
exploitpack
ISC DHCP dhclient 3.1.2p1 - Remote Buffer Overflow (PoC)
2009-07-27 00:00:00
nessus
nessus
FreeBSD : isc-dhcp-client -- Stack overflow vulnerability (c444c8b7-7169-11de-9ab7-000c29a67389)
2009-07-16 00:00:00
Oracle Linux 4 : dhcp (ELSA-2009-1136)
2013-07-12 00:00:00
Ubuntu 8.10 / 9.04 / 9.10 : dhcp3 vulnerability (USN-803-2)
2010-01-28 00:00:00
openvas
openvas
SLES11: Security update for dhcp-client
2009-10-11 00:00:00
SLES9: Security update for dhcp-client
2009-10-10 00:00:00
RedHat Security Advisory RHSA-2009:1136
2009-07-29 00:00:00
ubuntu
ubuntu
Dhcp vulnerability
2010-01-27 00:00:00
dhcp vulnerability
2009-07-14 00:00:00
checkpoint_advisories
checkpoint_advisories
redhat
redhat
(RHSA-2009:1136) Critical: dhcp security update
2009-07-14 00:00:00
(RHSA-2009:1154) Critical: dhcp security update
2009-07-14 00:00:00
seebug
seebug
ISC DHCP dhclient < 3.1.2p1 Remote Buffer Overflow PoC
2009-07-28 00:00:00
cert
cert
ISC DHCP dhclient stack buffer overflow
2009-07-14 00:00:00
cve
cve
CVE-2009-0692
2009-07-14 20:30:00
checkpoint_security
checkpoint_security
exploitdb
exploitdb
ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow (PoC)
2009-07-27 00:00:00
freebsd
freebsd
isc-dhcp-client -- Stack overflow vulnerability
2009-07-14 00:00:00
ubuntucve
ubuntucve
CVE-2009-0692
2009-07-14 00:00:00
gentoo
gentoo
ISC DHCP: dhcpclient Remote execution of arbitrary code
2009-07-14 00:00:00
packetstorm
packetstorm
ISC DHCP dhclient Buffer Overflow
2009-07-28 00:00:00
prion
prion
Stack overflow
2009-07-14 20:30:00
slackware
slackware
dhcp
2009-07-14 17:34:59
fedora
fedora
[SECURITY] Fedora 11 Update: dhcp-4.1.0p1-4.fc11
2009-11-10 17:47:15
[SECURITY] Fedora 10 Update: dhcp-4.0.0-37.fc10
2009-08-25 22:12:17
[SECURITY] Fedora 11 Update: dhcp-4.1.0p1-6.fc11
2010-06-24 16:20:01
threatpost
threatpost
Critical RCE Bug Found Lurking in Avaya VoIP Phones
2019-08-08 20:00:50
osv
osv
dhcp3 - arbitrary code execution
2009-07-14 00:00:00
dhcp3 - arbitrary code execution
2009-07-14 00:00:00
securityvulns
securityvulns
[Full-disclosure] [SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution
2009-07-15 00:00:00
ISC DHCP client buffer overflow
2009-07-15 00:00:00
debian
debian
[SECURITY] [DSA 1833-2] New dhcp3 packages fix arbitrary code execution
2009-08-25 19:57:28
[SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution
2009-07-14 19:33:29
centos
centos
dhclient, dhcp security update
2009-07-15 19:59:01
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03
vmware
vmware
7.7 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.076 Low
EPSS
Percentile
94.1%
Related for OPENVAS:1361412562310840379