Paketname
dhcp
Datum
2000-07-02
Advisory ID
MDKSA-2000:013
Betroffene Versionen
6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problembeschreibung

The OpenBSD team discovered a vulnerability in it that allows for remote exploitation by a corrupt dhcp server, (or an attacker pretending to be a dhcp server). If this vulnerability is exploited, root access can be gained on the host running dhcp client remotely. The problem is that input is not checked and, as a result, it is possible to execute commands remotely when the network config files are being written on the dhcp client.

Aktualisierte Pakete

6.1 i586

 32915a170c38fe45032e75421dfd4178  6.1/RPMS/dhcp-3.0b1pl12-6mdk.i586.rpm
389c7f48a36ec81528e2f9cdaefc0521  6.1/RPMS/dhcp-client-3.0b1pl12-6mdk.i586.rpm
9469c360585a2dc69eccf6fbaf3e9099  6.1/SRPMS/dhcp-3.0b1pl12-6mdk.src.rpm

6.0 i586

 9621fbe7b5fbf14063c4806bf2c1e141  6.0/RPMS/dhcp-3.0b1pl12-6mdk.i586.rpm
0ee7eac80fad4382014c9b2f9181b7d8  6.0/RPMS/dhcp-client-3.0b1pl12-6mdk.i586.rpm
9469c360585a2dc69eccf6fbaf3e9099  6.0/SRPMS/dhcp-3.0b1pl12-6mdk.src.rpm

7.0 i586

 431442f90603708c0dae624e5d282a92  7.0/RPMS/dhcp-3.0b1pl12-6mdk.i586.rpm
08b74d01dd76b64ed48719484c8c4fb1  7.0/RPMS/dhcp-client-3.0b1pl12-6mdk.i586.rpm
9469c360585a2dc69eccf6fbaf3e9099  7.0/SRPMS/dhcp-3.0b1pl12-6mdk.src.rpm

7.1 i586

 57ef403c1a6f5734b1ac63dcde854ae8  7.1/RPMS/dhcp-3.0b1pl12-6mdk.i586.rpm
d8d3a7bfb145c7c2f5cfdd2127333c67  7.1/RPMS/dhcp-client-3.0b1pl12-6mdk.i586.rpm
9469c360585a2dc69eccf6fbaf3e9099  7.1/SRPMS/dhcp-3.0b1pl12-6mdk.src.rpm