MDVSA-2009:312
- Package name
- dhcp
- Date
- 2009-12-03
- Advisory ID
- MDVSA-2009:312
- Affected versions
- 2008.0 i586 , 2008.0 x86_64
Problem description
A vulnerability has been found and corrected in ISC DHCP:
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before
3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build
56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455
and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and
ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528;
allows remote attackers to cause a denial of service (daemon crash)
or execute arbitrary code via a malformed DHCP packet with a large
dhcp-max-message-size that triggers a stack-based buffer overflow,
related to servers configured to send many DHCP options to clients
(CVE-2007-0062).
Stack-based buffer overflow in the script_write_params method in
client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0
before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP
servers to execute arbitrary code via a crafted subnet-mask option
(CVE-2009-0692).
ISC DHCP Server is vulnerable to a denial of service, caused by the
improper handling of DHCP requests. If the host definitions are mixed
using dhcp-client-identifier and hardware ethernet, a remote attacker
could send specially-crafted DHCP requests to cause the server to
stop responding (CVE-2009-1892).
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
This update provides fixes for this vulnerability.
Updated packages
2008.0 i586
3081299715b66778098307681861d6d7 2008.0/i586/dhcp-client-3.0.7-0.1mdv2008.0.i586.rpm 65893c30e369cb54df581508c0a278ce 2008.0/i586/dhcp-common-3.0.7-0.1mdv2008.0.i586.rpm c7891651d44f4c66967789a594cb494f 2008.0/i586/dhcp-devel-3.0.7-0.1mdv2008.0.i586.rpm 6ddeab5add9a44c4c0d97fc98e98b48f 2008.0/i586/dhcp-doc-3.0.7-0.1mdv2008.0.i586.rpm 2c3e9e31d4c99a3622ce4c029ce7d5f9 2008.0/i586/dhcp-relay-3.0.7-0.1mdv2008.0.i586.rpm e9271dcc129000708f9537a5ad3a926f 2008.0/i586/dhcp-server-3.0.7-0.1mdv2008.0.i586.rpm 2a2e6cca8ab0d7c62e14aa19116ac860 2008.0/SRPMS/dhcp-3.0.7-0.1mdv2008.0.src.rpm
2008.0 x86_64
137eaf194b2faa3a8de3b90453c47793 2008.0/x86_64/dhcp-client-3.0.7-0.1mdv2008.0.x86_64.rpm 79a273d98b5ef2f51c93c0f4d49ab82a 2008.0/x86_64/dhcp-common-3.0.7-0.1mdv2008.0.x86_64.rpm 4e1ca48b749ef04f4aff6dd6d9d34bde 2008.0/x86_64/dhcp-devel-3.0.7-0.1mdv2008.0.x86_64.rpm df97bbd0680f5b82417be5fb448a3493 2008.0/x86_64/dhcp-doc-3.0.7-0.1mdv2008.0.x86_64.rpm daa25b01f8fd36eeeedc2cb4c0e2c119 2008.0/x86_64/dhcp-relay-3.0.7-0.1mdv2008.0.x86_64.rpm 1d283afe24bb93f3c155a2b762e50988 2008.0/x86_64/dhcp-server-3.0.7-0.1mdv2008.0.x86_64.rpm 2a2e6cca8ab0d7c62e14aa19116ac860 2008.0/SRPMS/dhcp-3.0.7-0.1mdv2008.0.src.rpm