Linux Security
Linux Security
Linux Security

Debian: dhcp remote root exploit

Date 28 Jun 2000
Posted By LinuxSecurity Advisories
The versions of the ISC DHCP client in debian 2.1 (slink) and debian 2.2 (potato) are vulnerable to a root exploit.

- ------------------------------------------------------------------------
Debian Security Advisory                             This email address is being protected from spambots. You need JavaScript enabled to view it.                            Michael Stone
June 27, 2000
- ------------------------------------------------------------------------

Package: dhcp-client-beta (dhcp-client)
Vulnerability type: remote root exploit
Debian-specific: no

The versions of the ISC DHCP client in debian 2.1 (slink) and debian 2.2
(potato) are vulnerable to a root exploit. The OpenBSD team reports that the
client inappropriately executes commands embedded in replies sent from a dhcp
server. This means that a malicious dhcp server can execute commands on the
client with root privilages. 

The reported vulnerability is fixed in the package dhcp-client-beta
2.0b1pl6-0.3 for the current stable release (debian 2.1) and in dhcp-client
2.0-3potato1 for the frozen pre-release (debian 2.2). The dhcp server and relay
agents are built from the same source as the client; however, the server and
relay agents are not vulnerable to this issue and do not need to be upgraded.
We recommend upgrading your dhcp-client-beta and dhcp-client immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.1 alias slink
- --------------------------------

  This version of Debian was released only for Intel ia32, the Motorola
  680x0, the alpha and the Sun sparc architecture.

  Source archives:
      MD5 checksum: 90e5a3d2e299aad278b10186b02c1d7b
      MD5 checksum: 9d15d1043a092b103fdbac2827470d5b
      MD5 checksum: 2b63a90b272f087afb24c8f4ca72d3bd

  Alpha architecture:
      MD5 checksum: 668d2f48562297d8e5e4d30ac2f81914
      MD5 checksum: c3966535396dc550408eb8f0544fab34
      MD5 checksum: ba634900487c740efc262b323dc97d98

  Intel ia32 architecture:
      MD5 checksum: e499e80e9906c7e412df40a75a16ece4
      MD5 checksum: c139d79a9f4a19e12c36108897b8335c
      MD5 checksum: 0040eba75e437b961070218e7c8c2949

  Motorola 680x0 architecture:
      MD5 checksum: 4027b4da37034c63612678c16743864e
      MD5 checksum: 4b6ef60ff3b93ffa8d4ebe03d5dac4db
      MD5 checksum: 232876b42a696989e6a3aff2214596ac

  Sun Sparc architecture:
      MD5 checksum: 68f64e910a56e229bf06ab7f4bbae58d
      MD5 checksum: 1aec24648990145058166416e08c3648
      MD5 checksum: c5af416bb6c447ea9fb531cf8b3ddddd

  These files will be moved into*/binary-$arch/ soon.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Please note that potato has not been released yet. However since it is in
  the final stages of the release process security updates are already being

  Source archives:
      MD5 checksum: 40d365a28b6278cdeea7208ca06b1bde
      MD5 checksum: 31a4060c49ef699ddfb2d431450a8993
      MD5 checksum: eff5d5359a50f878e4c0da082bf10475

  Alpha architecture:
      MD5 checksum: b4d9ca359de9bdcffaad04ff9683b262
      MD5 checksum: 1c790b774617f1434c1be8215090c3e9
      MD5 checksum: 4d67ac7c8dabbe24df698ab322862480

  ARM architecture:
      MD5 checksum: 5bf5b55723279bd632b93368ed2bcfcb
      MD5 checksum: a50aef6eeca2f268bb824b6a46375d0c
      MD5 checksum: 1a01cbd7073e45aee598377645a752bf
      MD5 checksum: 9faeaec3a831510179c4e3a6ea50ff52

  Intel ia32 architecture:
      MD5 checksum: 73c893f4c87c20a48607fda52d34d7da
      MD5 checksum: b18ca08c0e0c3ceed171c08c881730c3
      MD5 checksum: da3735ce715897893c88cfb7539749bf

  Motorola 680x0 architecture:
      MD5 checksum: 7893850b9ed93ae41014dcba451530c3
      MD5 checksum: 64a03a6a18de8c3f51737dbdea674271
      MD5 checksum: 4006f5fbe178e3e008d03a9b945880db

  PowerPC architecture:
      MD5 checksum: f24bde7e97de3241ba3684cc027a5854
      MD5 checksum: 5ad85017bae30f087c353653352f64f0
      MD5 checksum: e15b22f787231cf0f368d16932025a5c

  Sun Sparc architecture:
      MD5 checksum: 464e251bbe127d25e3812d2edca4b3d6
      MD5 checksum: 5c7a405a8bf604114c9b16ebad69aee1
      MD5 checksum: 862808cee5fb3c8c025641cffb3f01f7

- ----------------------------------------------------------------------------
For apt-get: deb stable updates
For dpkg-ftp: dists/stable/updates
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

Version: 2.6.3ia
Charset: noconv



LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"42","type":"x","order":"1","pct":84,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"4","type":"x","order":"2","pct":8,"resources":[]},{"id":"181","title":"Hardly ever","votes":"4","type":"x","order":"3","pct":8,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.