Debian Security Advisory DSA 750-1 (dhcpcd) Network Vulnerability

Summary

The remote host is missing an update to dhcpcd announced via advisory DSA 750-1. infamous42md discovered that dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer which could lead to the daemon crashing. The old stable distribution (woody) is not affected by this problem.

Solution

For the stable distribution (sarge) this problem has been fixed in version 1.3.22pl4-21sarge1. For the unstable distribution (sid) this problem has been fixed in version 1.3.22pl4-22. We recommend that you upgrade your dhcpcd package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20750-1

Severity

Classification

CVE CVE-2005-1848
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 037-1 (nextaw, xaw3d, xaw95)
Debian Security Advisory DSA 1122-1 (libnet-server-perl)
Debian Security Advisory DSA 1147-1 (drupal)
Debian Security Advisory DSA 1096-1 (webcalendar)

Take action and discover your vulnerabilities