SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client) Network Vulnerability

Summary

The remote host is missing updates announced in advisory SUSE-SA:2009:037.

Solution

Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:037

Insight

The DHCP client (dhclient) could be crashed by a malicious DHCP server sending an overlong subnet field (CVE-2009-0692). In theory a malicious DHCP server could exploit the flaw to execute arbitrary code as root on machines using dhclient to obtain network settings. Newer distributions (SLES10+, openSUSE) do have buffer overflow checking that guards against this kind of stack overflow though. So actual exploitability is rather unlikely.

Severity

Classification

CVE	CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905, CVE-2009-0642, CVE-2009-0692, CVE-2009-1886, CVE-2009-1888, CVE-2009-1904, CVE-2009-2042

CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for freetype2
SLES10: Security update for Mozilla NSS
SLES10: Security update for liblcms
SLES10: Security update for Cyrus IMAPD
SLES10: Security update for kdelibs3

Take action and discover your vulnerabilities