Possible root exploit in ISC DHCP client.

Type securityvulns
Reporter Securityvulns
Modified 2000-06-25T00:00:00


Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP client. This exploit is present in all versions of the ISC DHCP client prior to 2.0pl1 and 3.0b1pl14, which I just released this evening. Anybody who is using versions of the ISC DHCP client other than these is strongly urged to upgrade. I would appreciate it if the OpenBSD people would take a look at the new version to see if they believe it is a complete fix, and let me know if it isn't. In any case, thanks for catching the error! I'm sorry I'm being so vague about how this got found, but I don't have time to read bugtraq anymore, so I was notified roughly fourth-hand.

The ISC DHCP distribution is available at ftp://ftp.isc.org/isc/DHCP, and anonymous CVS at http://www.isc.org/products/DHCP/anoncvs.html. The head of the tree in anonymous CVS also contains the fix.