ICS DHCP daemon minires library multiple buffer overflows

dhcpd-minires-multiple-bo (11073) The risk level is classified as HighHigh Risk

Description:

Internet Software Consortium (ISC) Dynamic Host Configuration Protocol (DHCP) daemon is vulnerable to multiple stack-based buffer overflows, caused by a vulnerability in the minires library, which is used by NSUPDATE to resolve hostnames. By sending a DHCP message with an overly long hostname to the program, a remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the ISC DHCPD user.


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of DHCP (3.0.1RC11 or later), available from the Internet Software Consortium Web site. See References.

For OpenPKG:
Upgrade to the latest dhcpd package, as listed below. Refer to OpenPKG Security Advisory OpenPKG-SA-2003.002 for more information. See References.

OpenPKG CURRENT: 3.0.1rc11-20030116 or later
OpenPKG 1.0: 3.0.1rc4-1.0.1or later
OpenPKG 1.1: 3.0.1rc9-1.1.1 or later

For Red Hat Linux 8.0:
Upgrade to the latest dhcp package (3.0pl1-15 or later), as listed in RHSA-2003:011-07. See References.

For Mandrake Linux:
Upgrade to the latest dhcp package, as listed below. Refer to MandrakeSoft Security Advisory MDKSA-2003:007:dhcp for more information. See References.

Linux-Mandrake 7.2: 3.0b2pl9-4.2mdk or later
Mandrake Linux 8.1: 3.0-0.rc12.2.2mdk or later
Mandrake Linux 8.2: 3.0-1rc8.2.2mdk or later
Mandrake Linux 9.0: 3.0-1rc9.3mdk or later
Multi Network Firewall 8.2: 3.0-1rc8.2.2mdk or later
Single Network Firewall 7.2: 3.0b2pl23-2.2mdk or later

For Gentoo Linux:
Upgrade versions of net-misc/dhcp to dhcp-3.0_p2, as listed in Gentoo Linux Security Announcement 20031-10. See References.

For Debian GNU/Linux:
Upgrade to the latest dhcp3 package, as listed below. Refer to DSA-231-1 for more information. See References.

Debian GNU/Linux 3.0 (woody): 3.0+3.0.1rc9-2.1 or later

For SuSE Linux:
Upgrade to the latest OpenSSL package, as listed below. Refer to SuSE Security Announcement SuSE-SA:2003:0006 for more information. See References.

SuSE 8.1 (Intel): 3.0.1rc9-59.i586 or later
SuSE 8.0 (Intel): 3.0.1rc6-15.i386 or later
SuSE 7.3 (Intel): 3.0rc12-56.i386 or later
SuSE 7.2 (Intel): 3.0rc4-32.i386 or later
SuSE 7.1 (Intel): 1.3.19pl2-1.i386 or later
SuSE 7.3 (Sparc): 3.0rc12-26 or later
SuSE 7.1 (AXP Alpha): 1.3.19pl6-0 or later
SuSE 7.0 (AXP Alpha): 1.3.18p8-11 or later
SuSE 7.3 (PPC Power PC): 3.0rc12-39 or later
SuSE 7.1 (PPC Power PC): 1.3.19pl2-1 or later

For Slackware Linux:
Upgrade to the latest dhcp package, as listed below. Refer to slackware-security Mailing List posting dated Sun, 19 Jan 2003 12:44:17 -0800 (PST) for more information. See References.

Slackware Linux 8.1 and current: dhcp-3.0pl2-i386-1 or later

For Conectiva Linux:
Upgrade to the latest dhcp package, as listed below. Refer to Conectiva Linux Security Announcement CLSA-2003:562 for more information. See References.

Conectiva Linux 8.0: 3.0-3U80_2cl.i386 or later

For TurboLinux 8 (Server and Workstation):
Upgrade to the latest dhcp package (3.0pl2-1or later), as listed in TurboLinux Security Announcement TLSA-2003-6. See References.

For TurboLinux Server 6.5, Advanced Server 6 and TurboLinux 7 and 8 (Server and Workstation):
Upgrade to the latest version of MySQL (3.0pl2-1 or later), as listed in TurboLinux Security Announcement TLSA-2003-6. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Platforms Affected:

  • Conectiva Linux 8.0
  • Debian Debian Linux 3.0
  • Gentoo Linux
  • ISC DHCPd 3.0
  • ISC DHCPd 3.0.1 rc8
  • ISC DHCPd 3.0.1 rc9
  • ISC DHCPd 3.0.1 rc7
  • ISC DHCPd 3.0.1 rc6
  • ISC DHCPd 3.0.1 rc5
  • ISC DHCPd 3.0.1 rc4
  • ISC DHCPd 3.0.1 rc3
  • ISC DHCPd 3.0.1 rc2
  • ISC DHCPd 3.0.1 rc10
  • ISC DHCPd 3.0.1 rc1
  • MandrakeSoft Mandrake Linux 7.2
  • MandrakeSoft Mandrake Linux 8.1
  • MandrakeSoft Mandrake Linux 8.1 IA64
  • MandrakeSoft Mandrake Linux 8.2
  • MandrakeSoft Mandrake Linux 8.2 PPC
  • MandrakeSoft Mandrake Linux 9.0
  • MandrakeSoft Mandrake Multi Network Firewall 8.2
  • MandrakeSoft Mandrake Single Network Firewall 7.2
  • Novell SuSE Linux Enterprise Server
  • OpenPKG OpenPKG 1.0
  • OpenPKG OpenPKG 1.1
  • OpenPKG OpenPKG CURRENT
  • RedHat Linux 7
  • RedHat Linux 7.1
  • RedHat Linux 7.2
  • RedHat Linux 7.3
  • RedHat Linux 8.0
  • Slackware Slackware Linux 8.1
  • Slackware Slackware Linux current
  • SuSE SuSE eMail Server 3.1
  • SuSE SuSE eMail Server III
  • SUSE SuSE Linux 7.0
  • SUSE SuSE Linux 7.1
  • SUSE SuSE Linux 7.2
  • SUSE SuSE Linux 7.3
  • SUSE SuSE Linux 8.0
  • SUSE SuSE Linux 8.1
  • SuSE SuSE Linux Connectivity Server
  • SuSE SuSE Linux Database Server
  • SuSE SuSE Linux Office Server
  • Turbolinux Turbolinux 8 Server
  • Turbolinux Turbolinux 8 Workstation

Reported:

Jan 15, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page