Package: dhcp-client-beta (dhcp-client)
Vulnerability type: remote root exploit
Debian-specific: no

The versions of the ISC DHCP client in Debian 2.1 (slink) and Debian 2.2
(potato) are vulnerable to a root exploit. The OpenBSD team reports that
the client inappropriately executes commands embedded in replies sent
from a DHCP server. This means that a malicious DHCP server can execute
commands on the client with root privileges. A previous Debian security
advisory addressed this issue with package versions 2.0b1pl6-0.3 and
2.0-3potato1, but ISC has released a newer patch since the original
advisory. You should install the latest packages even if you upgraded
when the last advisory was released.

The reported vulnerability is fixed in the package dhcp-client-beta
2.0b1pl6-0.4 for the current stable release (Debian 2.1) and in
dhcp-client 2.0-3potato2 for the frozen pre-release (Debian 2.2). The
DHCP server and relay agents are built from the same source as the
client; however, the server and relay ag...