Summary
This host has installed ISC DHCP Client and is prone to Buffer overflow Vulnerability.
Impact
Successful exploitation allows attackers to run arbitrary code, corrupt memory, and can cause denial of service.
Impact Level: Application
Solution
Upgrade to version 4.1.0p1, 4.0.1p1, or 3.1.2p1 or later For updates refer to https://www.isc.org/downloadables/
Insight
The flaw is due to a boundary error within the 'script_write_params()' function in 'client/dhclient.c' which can be exploited to cause a stack-based buffer overflow by sending an overly long subnet-mask option.
Affected
ISC DHCP dhclient 4.1 before 4.1.0p1
ISC DHCP dhclient 4.0 before 4.0.1p1
ISC DHCP dhclient 3.1 before 3.1.2p1
ISC DHCP dhclient all versions in 3.0
and 2.0 series.
References
Severity
Classification
-
CVE CVE-2009-0692 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Beatport Player '.m3u' File Buffer Overflow Vulnerability
- Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
- Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
- Cscope Multiple Buffer Overflow vulnerability
- Avaya WinPDM Multiple Buffer Overflow Vulnerabilities