----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)  

If not, then implement it through the most reliable vulnerability
intelligence source on the market. 

Implement it through Secunia. 

For more information visit:
http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com

----------------------------------------------------------------------

TITLE:
Debian update for dhcp3

SECUNIA ADVISORY ID:
SA35830

VERIFY ADVISORY:
http://secunia.com/advisories/35830/

DESCRIPTION:
Debian has issued an update for dhcp3. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) and potentially compromise a user's
system.

1) An error exists within the processing of certain DHCP requests if
the server configuration mixes host definitions using the "hardware
ethernet" and "dhcp-client-identifier" options. 

2) A vulnerability is caused due to a boundary error within dhclient
when processing subnet-mask options.

For more information:
SA35785

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 5.0 alias lenny --

Source archives:

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1.orig.tar.gz
Size/MD5 checksum: 798228 fcc19330a9c3a0efb5620409214652a9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny2.diff.gz
Size/MD5 checksum: 128880 72d4201330b347bfd5ccb15cad39c98f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny2.dsc
Size/MD5 checksum: 1488 595d2c450fe04edac8e5fcf916480a84

Architecture independent packages:

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1-6+lenny2_all.deb
Size/MD5 checksum: 22976 0216788c7652496df9d297d3df2a81e7

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_alpha.deb
Size/MD5 checksum: 394400 cb8559b314619922a91374579d6959c4
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_alpha.deb
Size/MD5 checksum: 148276 a8a666404ecf773eaeaab5a2423b540e
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_alpha.deb
Size/MD5 checksum: 348508 cfc96c8147d27237b57e4e698f393cda
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_alpha.deb
Size/MD5 checksum: 127480 989117e4e0bd1b90cbd5cd0ec06377d0
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_alpha.deb
Size/MD5 checksum: 271974 b36ad4833551063757e31562c713d4ae
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_alpha.udeb
Size/MD5 checksum: 215130 326aaed7e5144102deed214c5ab6a14c
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_alpha.deb
Size/MD5 checksum: 333764 b8ebbb4d8a8ac528a685490483da09f1

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_amd64.deb
Size/MD5 checksum: 358390 68dccbc7e63ffb59c9ef2af3bfe4c7b3
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_amd64.deb
Size/MD5 checksum: 245198 4cd491f7be9374393a4d9c8687b8276a
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_amd64.deb
Size/MD5 checksum: 120404 4dfcb0d1f42836cac6d5679a1abdfcb9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_amd64.deb
Size/MD5 checksum: 313190 5da5b48221028fff8d2fe89370ea051d
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_amd64.deb
Size/MD5 checksum: 310328 f6a3ddc984847b078c9e93ad95d82ae4
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_amd64.deb
Size/MD5 checksum: 114232 1980df61d75ea40ebc82c22c7005b3ea
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_amd64.udeb
Size/MD5 checksum: 188412 91cf6d4362473d908f108a45c6e1073c

arm architecture (ARM)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_arm.deb
Size/MD5 checksum: 103692 0c3678563a2fadc12054811d3c5df5be
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_arm.deb
Size/MD5 checksum: 336338 22a205bb36afdb50717e1187c644ca7f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_arm.deb
Size/MD5 checksum: 292856 d64219e9efe77445c5b3c2a5834a5f16
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_arm.deb
Size/MD5 checksum: 226548 30e51575f5aad4a17cda75b6277c2298
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_arm.deb
Size/MD5 checksum: 108874 71e3bc13d6e59a98f32f3466291becac
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_arm.udeb
Size/MD5 checksum: 170056 460b6cb3d07249b2bf7a554504815cc3
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_arm.deb
Size/MD5 checksum: 291164 768c6b628b9285007277a884342fff2d

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_armel.deb
Size/MD5 checksum: 293770 aff3c87d606cf2b7cfc8cc2b6a433ee0
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_armel.deb
Size/MD5 checksum: 338686 20e3cf59a67c8d746918378e486adc72
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_armel.deb
Size/MD5 checksum: 109692 228381c7fbead4e0b3e140647c956015
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_armel.deb
Size/MD5 checksum: 103172 04a01c3e2e5eb34b9ca9b89ba6ff0704
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_armel.deb
Size/MD5 checksum: 227394 7afa7ddb6b23887f8a11ae1599c521b6
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_armel.deb
Size/MD5 checksum: 293020 00ed8969e284da3a687e4e6421dbdc3b
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_armel.udeb
Size/MD5 checksum: 170800 2e74568b6974af18c54a8f276157240f

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_hppa.deb
Size/MD5 checksum: 116212 bbc799a4068272efbd27845c0b91de4d
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_hppa.udeb
Size/MD5 checksum: 194972 d86d92f993fd03f2177847d0384cdc8e
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_hppa.deb
Size/MD5 checksum: 324480 169c91330d7627dd539342a950c0ede1
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_hppa.deb
Size/MD5 checksum: 315718 e86d7975c3341d02f319f7de97b13045
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_hppa.deb
Size/MD5 checksum: 251748 956834560fde2009ae81efba433ab9b1
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_hppa.deb
Size/MD5 checksum: 127710 f67185d6696ef7104a888053488234f8
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_hppa.deb
Size/MD5 checksum: 369580 cf511b62e1cbced8373103dd23604631

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_i386.deb
Size/MD5 checksum: 332434 deceed031e4ec70f9a89a3f9f1aa83a6
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_i386.udeb
Size/MD5 checksum: 167142 890e95b663c536bd4794e4eeaf7e4620
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_i386.deb
Size/MD5 checksum: 106664 e9a85ff16968a9b0a982f2650d09b97e
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_i386.deb
Size/MD5 checksum: 224288 ccaea8e386efccf4a9a7b5a66368a18b
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_i386.deb
Size/MD5 checksum: 286932 acd0bd92af229ba24bb9e426e518144f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_i386.deb
Size/MD5 checksum: 290520 41251b845417290082cead454420009a
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_i386.deb
Size/MD5 checksum: 102132 40ccebf82e99c1f2228d0304c7c10bb0

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_ia64.deb
Size/MD5 checksum: 400296 447643661f0ef198381636421a817e15
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_ia64.deb
Size/MD5 checksum: 347478 0ee8f2058fca1d30fdcb4eed2e82b6b1
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_ia64.deb
Size/MD5 checksum: 159842 12d61f96202f3f68b9aff09424d79348
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_ia64.deb
Size/MD5 checksum: 508044 130ffd524faa48178f124befdc150e47
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_ia64.deb
Size/MD5 checksum: 464766 bf7266a768cc90bd76c785624cb4089d
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_ia64.udeb
Size/MD5 checksum: 289288 ee79b20eefaf229fb46ada9bc6ae56bf
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_ia64.deb
Size/MD5 checksum: 155048 8ecc258935ffd55300285fc775d9f1b9

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_mips.deb
Size/MD5 checksum: 359176 fb5bd87ef5481f1f43c9a45dfcd3ce37
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_mips.deb
Size/MD5 checksum: 309030 90233c8ed44269bba30f16b0e8a84450
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_mips.deb
Size/MD5 checksum: 245844 16982508add38de5d1dc7e465e484d14
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_mips.deb
Size/MD5 checksum: 114538 291ed9f1bc54e3b8082ca4633185796c
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_mips.deb
Size/MD5 checksum: 314358 270b38430ca3b97245c29ac4dc314172
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_mips.udeb
Size/MD5 checksum: 188178 334dd27da8522f16bf58ac31e4d3dac2
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_mips.deb
Size/MD5 checksum: 124312 aef53193ecfafb6c1433223f19242a35

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_mipsel.deb
Size/MD5 checksum: 362162 67743cf382e17cfab714158bb0f37561
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_mipsel.deb
Size/MD5 checksum: 247664 b5494e175f7be190ddb2390d2b55ca79
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_mipsel.deb
Size/MD5 checksum: 310866 6387812c812dafa3b63ed7b139c48f74
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_mipsel.deb
Size/MD5 checksum: 116224 bf5038fb4e9d79beea543376f91a5404
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_mipsel.udeb
Size/MD5 checksum: 190284 1da972b8dd8e57d7ed1e62b387329d43
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_mipsel.deb
Size/MD5 checksum: 317228 9df2929f942d894260e0783cba8668c0
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_mipsel.deb
Size/MD5 checksum: 125528 34a0a833a1d5626232a7f6b0891d6fa9

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_powerpc.deb
Size/MD5 checksum: 305096 f3d385927548fe52fde1070280bda9a9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_powerpc.deb
Size/MD5 checksum: 111500 9d03e2dc815e1f2bb383f677aaf86eb9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_powerpc.udeb
Size/MD5 checksum: 183812 82bce24908b4088c62c9d6d7622d3ac2
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_powerpc.deb
Size/MD5 checksum: 310594 97b0fd83d73c1aec8784e97a92b77ee1
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_powerpc.deb
Size/MD5 checksum: 354430 0e7fc5b85c1474674e8aa1f506bbf815
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_powerpc.deb
Size/MD5 checksum: 118796 2af645bbf54897306a52a7b072cdded1
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_powerpc.deb
Size/MD5 checksum: 241116 7748b01950150c4cec91d2f361c5e403

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_s390.deb
Size/MD5 checksum: 303410 0681214517ad4e1746d0f30a6af3854f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_s390.deb
Size/MD5 checksum: 348930 cda6066a1d5cfa599383e38201b662c0
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_s390.deb
Size/MD5 checksum: 112420 cb2a4679d4d187e6373df2e8fb7de53e
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_s390.udeb
Size/MD5 checksum: 182114 55db5122f2cb6acc7169911f40c5646a
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_s390.deb
Size/MD5 checksum: 117568 6e16df93aabfcb6892de03e3c7d9c35b
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_s390.deb
Size/MD5 checksum: 239446 5c93734c0bd94ef02c726730418ab49c
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_s390.deb
Size/MD5 checksum: 303678 5924002054a4233ea16e4e8769821f49

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_sparc.udeb
Size/MD5 checksum: 161504 f4ae7e33ec0fae6818f0cae625925ee9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_sparc.deb
Size/MD5 checksum: 218292 f4b7091a070b4dc413eb4d3e319b88f9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_sparc.deb
Size/MD5 checksum: 109326 fe50b4989d1b397347621c5c4fef23af
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_sparc.deb
Size/MD5 checksum: 101564 60fd708e4dcda554af9ede9b9cc396a9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_sparc.deb
Size/MD5 checksum: 280070 7ee763f435a4881ac7f719030e59b8d0
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_sparc.deb
Size/MD5 checksum: 283656 2a79cfc252c6a772d16e34845984a5ac
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_sparc.deb
Size/MD5 checksum: 325588 168e42992477d7e845d1d9bfde4b1cad

PROVIDED AND/OR DISCOVERED BY:
2) Debian credits Christoph Biedl.

ORIGINAL ADVISORY:
DSA-1833-1:
http://lists.debian.org/debian-security-announce/2009/msg00147.html

OTHER REFERENCES:
SA35785:
http://secunia.com/advisories/35785/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------