Mandriva Linux Security Advisory 2009-312 - Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides fixes for this vulnerability.
8f7faa2b9f8b97470be6e97549bff3776b3e4ccc56354a7b48c49e066c45bc19Debian Security Advisory 1833-2 - The previous dhcp3 update (DSA-1833-1) did not properly apply the required changes to the stable (lenny) version. The old stable (etch) version is not affected by this problem.
d37dd1774bcb143ebca48d1d6561dd56f75caa2f740d1cadcd4ec7160c9f147fGentoo Linux Security Advisory GLSA 200908-08 - dhcpd as included in the ISC DHCP implementation does not properly handle special conditions, leading to a Denial of Service. Christoph Biedl discovered that dhcpd does not properly handle certain DHCP requests when configured both using dhcp-client-identifier and hardware ethernet. Versions less than 3.1.2_p1 are affected.
ff0d14334baad78d4797effa091995831fdfeb854f674eb3f33ffb6e0fcab7f5Mandriva Linux Security Advisory 2009-172 - ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. This update provides fixes for this vulnerability.
48e39060a642bf4ad5cb8769383ababf8543344a7f64bf54d487c6acbfd21677Mandriva Linux Security Advisory 2009-154 - ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. This update provides fixes for this vulnerability.
a5fee68b57120e41bed46b987cdbc7a95a0deafc41924ab3c7874ee821b6b438Debian Security Advisory 1833-1 - Several remote vulnerabilities have been discovered in ISC's DHCP implementation.
a5bf6269df32f7ce41c04a238c745c002b29ad7962e67156d2b36075df03f363
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed