Lucene search

K
osvGoogleOSV:DSA-1833-2
HistoryJul 14, 2009 - 12:00 a.m.

dhcp3 - arbitrary code execution

2009-07-1400:00:00
Google
osv.dev
16

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.073 Low

EPSS

Percentile

93.1%

Several remote vulnerabilities have been discovered in ISC’s DHCP
implementation:

  • CVE-2009-0692
    It was discovered that dhclient does not properly handle overlong
    subnet mask options, leading to a stack-based buffer overflow and
    possible arbitrary code execution.
  • CVE-2009-1892
    Christoph Biedl discovered that the DHCP server may terminate when
    receiving certain well-formed DHCP requests, provided that the server
    configuration mixes host definitions using “dhcp-client-identifier”
    and “hardware ethernet”. This vulnerability only affects the lenny
    versions of dhcp3-server and dhcp3-server-ldap.

For the old stable distribution (etch), these problems have been fixed
in version 3.0.4-13+etch2.

For the stable distribution (lenny), this problem has been fixed in
version 3.1.1-6+lenny2.

For the unstable distribution (sid), these problems will be fixed
soon.

We recommend that you upgrade your dhcp3 packages.

CPENameOperatorVersion
dhcp3eq3.1.1-6
dhcp3eq3.1.1-6+lenny2

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.073 Low

EPSS

Percentile

93.1%