what you don't know can hurt you
Showing 1 - 10 of 10 RSS Feed

CVE-2009-0692

Status Candidate

Overview

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.

Related Files

Ubuntu Security Notice 803-2
Posted Jan 27, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 803-2 - USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service. Additionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhclient3 profile. This update fixes the problem. Original advisory details: It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0692
MD5 | 59f8411599b6a1bac908489547ac10c6
Mandriva Linux Security Advisory 2009-312
Posted Dec 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-312 - Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0062, CVE-2009-0692, CVE-2009-1892
MD5 | 3f0f0055f8b3154a41047aac5d4b3a34
ISC DHCP dhclient Buffer Overflow
Posted Nov 17, 2009
Authored by Jon Oberheide

ISC DHCP dhclient scripts_write_params() stack buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2009-0692
MD5 | 0ec16a6f3d31b4088eedff4643bf281b
VMware Security Advisory 2009-0014
Posted Oct 17, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues. And by multiple, we mean a very, very, very large amount of issues.

tags | advisory, kernel
advisories | CVE-2009-0692, CVE-2009-1893, CVE-2009-0692, CVE-2008-4210, CVE-2008-3275, CVE-2008-5356, CVE-2008-0598, CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525, CVE-2008-2086, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352
MD5 | cf35b0628892e0b637067c67de042b44
Debian Linux Security Advisory 1833-2
Posted Aug 25, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1833-2 - The previous dhcp3 update (DSA-1833-1) did not properly apply the required changes to the stable (lenny) version. The old stable (etch) version is not affected by this problem.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0692, CVE-2009-1892
MD5 | 169663c7325066f7c986a805e501aaab
ISC DHCP dhclient Buffer Overflow
Posted Jul 28, 2009
Authored by Jon Oberheide

ISC DHCP dhclient versions below 3.1.2p1 remote buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
advisories | CVE-2009-0692
MD5 | 5a864fd4128cd438f38a0e7b62ef558b
Mandriva Linux Security Advisory 2009-151
Posted Jul 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-151 - Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. This update provides fixes for this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-0692
MD5 | b1d27be5487b0d393815ba575954468f
Ubuntu Security Notice 803-1
Posted Jul 14, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-803-1 - It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0692
MD5 | 13c59926aecfb14856f64bee352d4038
Debian Linux Security Advisory 1833-1
Posted Jul 14, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1833-1 - Several remote vulnerabilities have been discovered in ISC's DHCP implementation.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2009-0692, CVE-2009-1892
MD5 | 205dd59b0393cc93e1df591be387e8bf
Gentoo Linux Security Advisory 200907-12
Posted Jul 14, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-12 - A buffer overflow in dhclient as included in the ISC DHCP implementation allows for the remote execution of arbitrary code with root privileges. The Mandriva Linux Engineering Team has reported a stack-based buffer overflow in the subnet-mask handling of dhclient. Versions less than 3.1.1-r1 are affected.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, gentoo, mandriva
advisories | CVE-2009-0692
MD5 | 0203d7b18f819cf7a6ee13296903ea32
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close