ISC DHCP Client Buffer Overflow Vulnerability Network Vulnerability

Summary

This host has installed ISC DHCP Client and is prone to Buffer overflow Vulnerability.

Impact

Successful exploitation allows attackers to run arbitrary code, corrupt memory, and can cause denial of service. Impact Level: Application

Solution

Upgrade to version 4.1.0p1, 4.0.1p1, or 3.1.2p1 or later For updates refer to https://www.isc.org/downloadables/

Insight

The flaw is due to a boundary error within the 'script_write_params()' function in 'client/dhclient.c' which can be exploited to cause a stack-based buffer overflow by sending an overly long subnet-mask option.

Affected

ISC DHCP dhclient 4.1 before 4.1.0p1 ISC DHCP dhclient 4.0 before 4.0.1p1 ISC DHCP dhclient 3.1 before 3.1.2p1 ISC DHCP dhclient all versions in 3.0 and 2.0 series.

References

http://secunia.com/advisories/35785
http://www.kb.cert.org/vuls/id/410676
http://www.vupen.com/english/advisories/2009/1891

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-0692
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Beatport Player '.m3u' File Buffer Overflow Vulnerability
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
Cscope Multiple Buffer Overflow vulnerability
Avaya WinPDM Multiple Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities