Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: MDKSA-2004:061 - Updated dhcp packages fix buffer overflow vulnerabilities

MDKSA-2004:061 - Updated dhcp packages fix buffer overflow vulnerabilities

From: Mandrake Linux Security Team <security_at_linux-mandrake.com>
Date: 22 Jun 2004 18:36:31 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name: dhcp
 Advisory ID: MDKSA-2004:061
 Date: June 22nd, 2004

 Affected versions: 10.0, 9.2
 ______________________________________________________________________

 Problem Description:

 A vulnerability in how ISC's DHCPD handles syslog messages can allow a
 malicious attacker with the ability to send special packets to the
 DHCPD listening port to crash the daemon, causing a Denial of Service.
 It is also possible that they may be able to execute arbitrary code on
 the vulnerable server with the permissions of the user running DHCPD,
 which is usually root.
 
 A similar vulnerability also exists in the way ISC's DHCPD makes use
 of the vsnprintf() function on system that do not support vsnprintf().
 This vulnerability could also be used to execute arbitrary code and/or
 perform a DoS attack. The vsnprintf() statements that have this
 problem are defined after the vulnerable code noted above, which would
 trigger the previous problem rather than this one.
 
 Thanks to Gregory Duchemin and Solar Designer for discovering these
 flaws.
 
 The updated packages contain 3.0.1rc14 which is not vulnerable to these
 problems. Only ISC DHCPD 3.0.1rc12 and 3.0.1rc13 are vulnerable to
 these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0460
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0461
  http://www.kb.cert.org/vuls/id/317350
  http://www.kb.cert.org/vuls/id/654390
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 574eac52ddcacf16291f6576a8d88f6a 10.0/RPMS/dhcp-client-3.0-1.rc14.0.1.100mdk.i586.rpm
 daa97478495244b8c5d58702702dc0f1 10.0/RPMS/dhcp-common-3.0-1.rc14.0.1.100mdk.i586.rpm
 734a616781e92b6458a8417eb14161ca 10.0/RPMS/dhcp-devel-3.0-1.rc14.0.1.100mdk.i586.rpm
 430beae5883163e375d998c081faf7da 10.0/RPMS/dhcp-relay-3.0-1.rc14.0.1.100mdk.i586.rpm
 6bbe45c7d34fd77200af87e680083476 10.0/RPMS/dhcp-server-3.0-1.rc14.0.1.100mdk.i586.rpm
 0ba079c89ac39a926ad929eea0d039fc 10.0/SRPMS/dhcp-3.0-1.rc14.0.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 cd75604fcba80ce0bf21951a3ba73ff3 amd64/10.0/RPMS/dhcp-client-3.0-1.rc14.0.1.100mdk.amd64.rpm
 68183a2721f0265deee61e518f2452c6 amd64/10.0/RPMS/dhcp-common-3.0-1.rc14.0.1.100mdk.amd64.rpm
 47a4ea90cae82e3de6e3a27d92cef456 amd64/10.0/RPMS/dhcp-devel-3.0-1.rc14.0.1.100mdk.amd64.rpm
 a3f9fc9203b91344471fb12cba5e6011 amd64/10.0/RPMS/dhcp-relay-3.0-1.rc14.0.1.100mdk.amd64.rpm
 61a6a5e36b700bf1281c0009f85ed163 amd64/10.0/RPMS/dhcp-server-3.0-1.rc14.0.1.100mdk.amd64.rpm
 0ba079c89ac39a926ad929eea0d039fc amd64/10.0/SRPMS/dhcp-3.0-1.rc14.0.1.100mdk.src.rpm

 Mandrakelinux 9.2:
 a612a277ca12c0849143d22dad13b975 9.2/RPMS/dhcp-client-3.0-1.rc14.0.1.92mdk.i586.rpm
 ed71711e48503ea62da6b5b15d3cf0d5 9.2/RPMS/dhcp-common-3.0-1.rc14.0.1.92mdk.i586.rpm
 bdc249338103e5a811b25f366f85d379 9.2/RPMS/dhcp-devel-3.0-1.rc14.0.1.92mdk.i586.rpm
 78b5b964a6f3e71903c97d933136d8e0 9.2/RPMS/dhcp-relay-3.0-1.rc14.0.1.92mdk.i586.rpm
 50433f11a2d1ee06fc4e8bd2a53d0952 9.2/RPMS/dhcp-server-3.0-1.rc14.0.1.92mdk.i586.rpm
 4372c59939884d2f4717028f8751c123 9.2/SRPMS/dhcp-3.0-1.rc14.0.1.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 7d8a75f6e07ca949fcd0ae1b839829d6 amd64/9.2/RPMS/dhcp-client-3.0-1.rc14.0.1.92mdk.amd64.rpm
 d1cf956a03cb711385038ade1fe96eb4 amd64/9.2/RPMS/dhcp-common-3.0-1.rc14.0.1.92mdk.amd64.rpm
 8855a669ada369c6a543ae30de40afb6 amd64/9.2/RPMS/dhcp-devel-3.0-1.rc14.0.1.92mdk.amd64.rpm
 ef663e3fcd1cc9e3bf4132265bbcbb3d amd64/9.2/RPMS/dhcp-relay-3.0-1.rc14.0.1.92mdk.amd64.rpm
 df53ebb708b9ccf08c499be5d20e8eeb amd64/9.2/RPMS/dhcp-server-3.0-1.rc14.0.1.92mdk.amd64.rpm
 4372c59939884d2f4717028f8751c123 amd64/9.2/SRPMS/dhcp-3.0-1.rc14.0.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security. You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID Date User ID
 pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFA2HwumqjQ0CJFipgRAk3oAJ9Ex/mmIrxQaoB80FgS2rT7jPca6ACg062R
L8CiWcSE98BQSvF5ZW13MXo=
=d5+I
-----END PGP SIGNATURE-----
Received on Jun 22 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos