Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0692

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-0692
Last Modified 21 Aug 2010 01:30:47
Published 14 Jul 2009 04:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0692

Summary

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.

Vulnerable Systems

Application

  • Isc Dhcp 2.0

  • Isc Dhcp 3.0

  • Isc Dhcp 3.1

  • Isc Dhcp 4.0

  • Isc Dhcp 4.1.0


References

CERT-VN - VU#410676

CONFIRM - https://www.isc.org/node/468

FEDORA - FEDORA-2009-9075

FEDORA - FEDORA-2009-8344

CONFIRM - https://www.isc.org/downloadables/12

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=507717

VUPEN - ADV-2010-1796

VUPEN - ADV-2009-1891

UBUNTU - USN-803-1

SECTRACK - 1022548

BID - 35668

REDHAT - RHSA-2009:1154

REDHAT - RHSA-2009:1136

OSVDB - 55819

MANDRIVA - MDVSA-2009:151

DEBIAN - DSA-1833

SLACKWARE - SSA:2009-195-01

GENTOO - GLSA-200907-12

SECUNIA - 40551

SECUNIA - 37342

SECUNIA - 36457

SECUNIA - 35880

SECUNIA - 35851

SECUNIA - 35850

SECUNIA - 35849

SECUNIA - 35841

SECUNIA - 35832

SECUNIA - 35831

SECUNIA - 35830

SECUNIA - 35829

SECUNIA - 35785

SUSE - SUSE-SA:2009:037

HP - SSRT100018

NETBSD - NetBSD-SA2009-010

HP - HPSBMA02554

Related Patches

Novell SUSE 2009:6335 dhcp security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 10:50:00