a. Service Console update for DHCP and third-party library update for DHCP client.

DHCP is an Internet-standard protocol by which a computer can be
connected to a local network, ask to be given configuration
information, and receive from a server enough information to
configure itself as a member of that network.

A stack-based buffer overflow in the script_write_params method in
ISC DHCP dhclient allows remote DHCP servers to execute arbitrary
code via a crafted subnet-mask option.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-0692 to this issue.
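An added example, not code from ISC DHCP or from this advisory: a DHCP options walker that validates the server-supplied length of the subnet-mask option before copying it into a fixed-size buffer, which is the class of check that blocks this kind of overflow. The option codes are from RFC 2132; the function name, status codes and sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Option codes from RFC 2132; every other name here is illustrative. */
#define OPT_PAD         0    /* single byte, no length field */
#define OPT_SUBNET_MASK 1    /* value must be exactly 4 bytes */
#define OPT_END         255  /* terminates the options field */
enum { MASK_OK = 0, MASK_ABSENT = -1, MASK_MALFORMED = -2 };

/* Walk a DHCP options field (code, length, value) and copy out option 1.
 * Each length byte is attacker-influenced input from the server, so it is
 * checked against the remaining input and the destination size before use. */
int parse_subnet_mask(const uint8_t *opts, size_t len, uint8_t mask[4])
{
    size_t i = 0;
    while (i < len) {
        uint8_t code = opts[i++];
        if (code == OPT_PAD) continue;
        if (code == OPT_END) break;
        if (i >= len) return MASK_MALFORMED;        /* length byte missing */
        uint8_t olen = opts[i++];
        if (olen > len - i) return MASK_MALFORMED;  /* value runs past input */
        if (code == OPT_SUBNET_MASK) {
            if (olen != 4) return MASK_MALFORMED;   /* would not fit mask[4] */
            memcpy(mask, &opts[i], 4);
            return MASK_OK;
        }
        i += olen;                                  /* skip unrelated option */
    }
    return MASK_ABSENT;
}

/* Constructed sample inputs (not captured traffic). */
static const uint8_t SAMPLE_VALID[]     = { 0, 53, 1, 5, 1, 4, 255, 255, 255, 0, 255 };
static const uint8_t SAMPLE_OVERSIZE[]  = { 1, 20, 1,1,1,1,1, 1,1,1,1,1, 1,1,1,1,1, 1,1,1,1,1, 255 };
static const uint8_t SAMPLE_TRUNCATED[] = { 1, 4, 255, 255 };
static const uint8_t SAMPLE_NO_MASK[]   = { 53, 1, 5, 255 };

int main(void)
{
    uint8_t m[4];
    printf("valid:     %d\n", parse_subnet_mask(SAMPLE_VALID, sizeof SAMPLE_VALID, m));
    printf("oversize:  %d\n", parse_subnet_mask(SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE, m));
    printf("truncated: %d\n", parse_subnet_mask(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, m));
    return 0;
}
```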
An insecure temporary file use flaw was discovered in the DHCP
daemon’s init script (“/etc/init.d/dhcpd”). A local attacker could
use this flaw to overwrite an arbitrary file with the output of the
“dhcpd -t” command via a symbolic link attack, if a system
administrator executed the DHCP init script with the “configtest”,
“restart”, or “reload” option.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-1893 to this issue.

The following table lists what action remediates the vulnerability
in the Service Console (column 4) if a solution is available.