exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2009-0692

Status Candidate

Overview

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.

Related Files

Ubuntu Security Notice 803-2
Posted Jan 27, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 803-2 - USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service. Additionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhclient3 profile. This update fixes the problem. Original advisory details: It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0692
SHA-256 | c90a7824d2bd0d7a5899ee65553262f2b5893da989fde41ccb00958d6d18c356
Mandriva Linux Security Advisory 2009-312
Posted Dec 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-312 - Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0062, CVE-2009-0692, CVE-2009-1892
SHA-256 | 8f7faa2b9f8b97470be6e97549bff3776b3e4ccc56354a7b48c49e066c45bc19
ISC DHCP dhclient Buffer Overflow
Posted Nov 17, 2009
Authored by Jon Oberheide

ISC DHCP dhclient scripts_write_params() stack buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2009-0692
SHA-256 | 2014e6abc56455168433974101c55c09624023f1879081dc6ce5c0c8823eb70e
VMware Security Advisory 2009-0014
Posted Oct 17, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues. And by multiple, we mean a very, very, very large amount of issues.

tags | advisory, kernel
advisories | CVE-2009-0692, CVE-2009-1893, CVE-2009-0692, CVE-2008-4210, CVE-2008-3275, CVE-2008-5356, CVE-2008-0598, CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525, CVE-2008-2086, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352
SHA-256 | c2c6048aa6cecef0b2620603adc69c5932ea002bec08689597fb8904eaaf2bfa
Debian Linux Security Advisory 1833-2
Posted Aug 25, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1833-2 - The previous dhcp3 update (DSA-1833-1) did not properly apply the required changes to the stable (lenny) version. The old stable (etch) version is not affected by this problem.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0692, CVE-2009-1892
SHA-256 | d37dd1774bcb143ebca48d1d6561dd56f75caa2f740d1cadcd4ec7160c9f147f
ISC DHCP dhclient Buffer Overflow
Posted Jul 28, 2009
Authored by Jon Oberheide

ISC DHCP dhclient versions below 3.1.2p1 remote buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
advisories | CVE-2009-0692
SHA-256 | 3349faa893f5026dc2f5ad7d730fa3755ae56fe23834c0c9677e3b5a0eee16fc
Mandriva Linux Security Advisory 2009-151
Posted Jul 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-151 - Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. This update provides fixes for this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-0692
SHA-256 | 98776c6e9ca8bc462c14c4d5c6ece953c8013badfe78305791854e7e04b418fa
Ubuntu Security Notice 803-1
Posted Jul 14, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-803-1 - It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0692
SHA-256 | 6a76b57fee039a37e6e55107383d34b3fd926c97e5f9f3613a05cc642474dc84
Debian Linux Security Advisory 1833-1
Posted Jul 14, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1833-1 - Several remote vulnerabilities have been discovered in ISC's DHCP implementation.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2009-0692, CVE-2009-1892
SHA-256 | a5bf6269df32f7ce41c04a238c745c002b29ad7962e67156d2b36075df03f363
Gentoo Linux Security Advisory 200907-12
Posted Jul 14, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-12 - A buffer overflow in dhclient as included in the ISC DHCP implementation allows for the remote execution of arbitrary code with root privileges. The Mandriva Linux Engineering Team has reported a stack-based buffer overflow in the subnet-mask handling of dhclient. Versions less than 3.1.1-r1 are affected.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, gentoo, mandriva
advisories | CVE-2009-0692
SHA-256 | 6127c32fca4a29d6fa853d498b0364b4464edc5467524bf7481a893c7ba9b69d
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close