Summary
This host has ISC DHCP Client installed and is prone to a buffer overflow vulnerability.
Impact
Successful exploitation allows attackers to run arbitrary code, corrupt memory, and cause a denial of service.
Impact Level: Application
Solution
Upgrade to version 4.1.0p1, 4.0.1p1, or 3.1.2p1 or later. For updates refer to https://www.isc.org/downloadables/
Insight
The flaw is due to a boundary error within the 'script_write_params()' function in 'client/dhclient.c' which can be exploited to cause a stack-based buffer overflow by sending an overly long subnet-mask option.
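An added example, not ISC's code and not part of the original advisory: a bounds-checked reader for the DHCP options field that copies a subnet-mask option (code 1, RFC 2132) only when its length is exactly 4 bytes, the kind of length check that keeps an overly long subnet-mask option out of a fixed-size buffer. The function name `get_subnet_mask` and the sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DHO_PAD         0    /* RFC 2132 pad option, has no length byte */
#define DHO_SUBNET_MASK 1    /* RFC 2132 subnet mask, length must be 4 */
#define DHO_END         255  /* RFC 2132 end option */

/* Hypothetical helper: walk the (code, length, data) options and copy the
 * subnet mask into a fixed 4-byte buffer. Returns 0 on success, -1 if the
 * option is absent, -2 if the field is malformed or the mask is not 4 bytes. */
int get_subnet_mask(const uint8_t *opts, size_t opts_len, uint8_t mask[4])
{
    size_t i = 0;
    while (i < opts_len) {
        uint8_t code = opts[i++];
        if (code == DHO_PAD)
            continue;
        if (code == DHO_END)
            break;
        if (i >= opts_len)
            return -2;                 /* length byte missing */
        uint8_t len = opts[i++];
        if (len > opts_len - i)
            return -2;                 /* data runs past the options field */
        if (code == DHO_SUBNET_MASK) {
            if (len != 4)
                return -2;             /* reject before any copy happens */
            memcpy(mask, &opts[i], 4);
            return 0;
        }
        i += len;                      /* skip options we do not need */
    }
    return -1;
}

/* Constructed sample option fields (not captured traffic). */
static const uint8_t sample_ok[]    = { 53, 1, 2, 1, 4, 255, 255, 255, 0, 255 };
static const uint8_t sample_long[]  = { 1, 8, 255, 255, 255, 0, 65, 65, 65, 65, 255 };
static const uint8_t sample_trunc[] = { 1, 4, 255, 255 };
static const uint8_t sample_none[]  = { 53, 1, 2, 255 };
static uint8_t out_mask[4];

int main(void)
{
    printf("ok=%d long=%d\n", get_subnet_mask(sample_ok, sizeof sample_ok, out_mask),
           get_subnet_mask(sample_long, sizeof sample_long, out_mask));
    return 0;
}
```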
Affected
ISC DHCP dhclient 4.1 before 4.1.0p1
ISC DHCP dhclient 4.0 before 4.0.1p1
ISC DHCP dhclient 3.1 before 3.1.2p1
ISC DHCP dhclient all versions in 3.0 and 2.0 series.
References
Severity
Classification
CVE: CVE-2009-0692
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C