Support / Sécurité / Annonces de sécurité / Mandrakelinux 8.1 / MDKSA-2003:003

Nom du paquet: dhcpcd
Date: 2003-01-09
Advisory ID: MDKSA-2003:003
Affected versions: 8.1 i586 , SNF7.2 i586 , 8.1 i586 , 8.0 i586 , 9.0 i586 , 8.2 i586 , MNF8.2 i586 , 8.0 i586 , 8.2 i586 , 7.2 i586

Problem description

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP client daemon. dhcpcd has the ability to execute an external script named dhcpcd-.exe when an IP address is assigned to that network interface. The script sources the file /var/lib/dhcpcd/dhcpcd-.info which contains shell variables and DHCP assignment information. The way quotes are handled inside these assignments is flawed, and a malicious DHCP server can execute arbitrary shell commands on the vulnerable DHCP client system. This can also be exploited by an attacker able to spoof DHCP responses. Mandrake Linux packages contain a sample /etc/dhcpc/dhcpcd.exe file and encourages all users to upgrade immediately. Please note that when you do upgrade, you will have to restart the network for the changes to take proper effect by issuing "service network restart" as root.

Updated packages

8.1 i586

 4351a669bee76dc2d700833036d7f9d7  ia64/8.1/RPMS/dhcpcd-1.3.22pl4-1.1mdk.ia64.rpm
455f213c4b06c727224880edfe8b495f  ia64/8.1/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

SNF7.2 i586

 19fd3bef4b6e19c38ccb57a28cacb51c  snf7.2/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  snf7.2/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

8.1 i586

 247f8a59e8b5a524618e60c4989aec29  8.1/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  8.1/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

8.0 i586

 af06f3b1b9084d9bbf64452a43943931  8.0/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  8.0/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

9.0 i586

 f2b6212121ea3edbed6f6e62ebb0e20d  9.0/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  9.0/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

8.2 i586

 e1487443e7412ab1756ed07f61ab318b  8.2/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  8.2/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

MNF8.2 i586

 e1487443e7412ab1756ed07f61ab318b  mnf8.2/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  mnf8.2/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

8.0 i586

 e4ad6b50170cb50d3f1de86ac699d07b  ppc/8.0/RPMS/dhcpcd-1.3.22pl4-1.1mdk.ppc.rpm
455f213c4b06c727224880edfe8b495f  ppc/8.0/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

8.2 i586

 9b02c61e7110675ab9d52416bf50b07f  ppc/8.2/RPMS/dhcpcd-1.3.22pl4-1.1mdk.ppc.rpm
455f213c4b06c727224880edfe8b495f  ppc/8.2/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

7.2 i586

 19fd3bef4b6e19c38ccb57a28cacb51c  7.2/RPMS/dhcpcd-1.3.22pl4-1.1mdk.i586.rpm
455f213c4b06c727224880edfe8b495f  7.2/SRPMS/dhcpcd-1.3.22pl4-1.1mdk.src.rpm

References

http://www.phystech.com/download/dhcdcd_changelog.html