Linux Security
    Linux Security
    Linux Security

    Debian: dhcp3 multiple vulnerabilities

    Posted By
    The Internet Software Consortium discoverd several vulnerabilities during an audit of the ISC DHCP Daemon.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 231-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    January 17th, 2003             
    - --------------------------------------------------------------------------
    Package        : dhcp3
    Vulnerability  : stack overflows
    Problem-Type   : remote
    Debian-specific: no
    CVE Id         : CAN-2003-0026
    CERT advisory  : VU#284857 CA-2003-01
    The Internet Software Consortium discoverd several vulnerabilities
    during an audit of the ISC DHCP Daemon.  The vulnerabilities exist in
    error handling routines within the minires library and may be
    exploitable as stack overflows.  This could allow a remote attacker to
    execute arbitrary code under the user id the dhcpd runs under, usually
    root.  Other DHCP servers than dhcp3 doesn't seem to be affected.
    For the stable distribution (woody) this problem has been
    fixed in version 3.0+3.0.1rc9-2.1.
    The old stable distribution (potato) does not contain dhcp3 packages.
    For the unstable distribution (sid) this problem has been fixed in
    version 3.0+3.0.1rc11-1.
    We recommend that you upgrade your dhcp3-server package.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      730 37209f2e8ff29f9d38e4f812183a8321
          Size/MD5 checksum:    23781 d6b2e0bcf1b32d52423202ae5f988cf6
          Size/MD5 checksum:   809803 3cc4758e5a59362315393a1874dfcb21
      Alpha architecture:
          Size/MD5 checksum:   416508 773f104e93a351675621d4b812dedb0d
          Size/MD5 checksum:   216042 2a7c64e688ca68bf0b227334ba2d7833
          Size/MD5 checksum:   106842 9020774e6cdc310a3a3cf2a42ba58d63
          Size/MD5 checksum:   287082 189f63d99acb438981c10800d7783d44
          Size/MD5 checksum:   526816 08d076cefd29fa5e0055fda006cac383
      ARM architecture:
          Size/MD5 checksum:   386804 842b5eb5de805516022bada7f0094822
          Size/MD5 checksum:   188558 5dbbd9b9ab025f52024b19627bfbdc72
          Size/MD5 checksum:    93316 57bfc9321b7d10ae70ec6214d59bcb2f
          Size/MD5 checksum:   273220 6a99a3da6a633477ae430d92f68f2184
          Size/MD5 checksum:   484438 677cd67a76fc9814fe2a7c3ca4a1a492
      Intel IA-32 architecture:
          Size/MD5 checksum:   375234 eadc1375ff236a3f6fd831340fa23bb2
          Size/MD5 checksum:   178496 afd9dda61da369a5ff76b15803fd4136
          Size/MD5 checksum:    82020 6137706b46e9b5d0f8d85bf0188f2050
          Size/MD5 checksum:   269162 289c850ffa01157b09537ec57bf25d0c
          Size/MD5 checksum:   465074 fae064fc37dede8a61bf836248e97e34
      Intel IA-64 architecture:
          Size/MD5 checksum:   549968 cf516c3021a7a9467d0bd5e8bc5467c4
          Size/MD5 checksum:   339122 abfcc44debcca325e01b76031536bacd
          Size/MD5 checksum:   134170 d2683f5f882b01422dab6ee93983c0a5
          Size/MD5 checksum:   348612 97101d3f841d5509f61664e27158cf23
          Size/MD5 checksum:   701398 5bc9980f56c7830a04f21bfedb228959
      HP Precision architecture:
          Size/MD5 checksum:   384788 f733a3a7db9c641cff4594212f275984
          Size/MD5 checksum:   188118 5928747afeb44dfd8cfd8e02c332068f
          Size/MD5 checksum:    92962 2044c3e40799aeb2d328b6084d611016
          Size/MD5 checksum:   274626 cba0f35f3a64f21ee4f6d913bb3fa293
          Size/MD5 checksum:   477908 58ca5c2bc695aaccfea6052e37767dec
      Motorola 680x0 architecture:
          Size/MD5 checksum:   364506 a78a9398f67bbf9083958cc98b2298a5
          Size/MD5 checksum:   168460 9ca486cd937a27d066fd33af2fa448c9
          Size/MD5 checksum:    79196 fce453cdd71d77bbb8a69af8e03fe24b
          Size/MD5 checksum:   264088 6b2a21514111f691e382711a488c2121
          Size/MD5 checksum:   451034 c26bf487dec970ea2eb77d7420574b31
      Big endian MIPS architecture:
          Size/MD5 checksum:   397524 fda141ea4a15b1ac3bd556d182cc77f2
          Size/MD5 checksum:   198432 c44d48cb08d6645f4d371575e0c65497
          Size/MD5 checksum:    94642 0a0b958f68e4e1c476db1c5cd71ff84e
          Size/MD5 checksum:   281424 f01760c830e76d99c0d3dff61f41474c
          Size/MD5 checksum:   496270 84398a69046aad6340b0235fffae8f64
      Little endian MIPS architecture:
          Size/MD5 checksum:   397100 1cf221ff34d407a50ff39947578141b4
          Size/MD5 checksum:   197736 eb08eba8000fba3315df4e940f520e40
          Size/MD5 checksum:    94786 99c4b8f8cc0d9849bf72e3d43b5e4f87
          Size/MD5 checksum:   281390 96e869af7f9d8e008fcde2269d676f45
          Size/MD5 checksum:   495938 d3c899c409c26461e80c85aff382d3e4
      PowerPC architecture:
          Size/MD5 checksum:   374958 6f37a18a820304e9ef9ed120b14e69c6
          Size/MD5 checksum:   178404 502b47d01b6ad7d1c74aa9080edf1f8f
          Size/MD5 checksum:    91016 1970d5daa075c804d17c39ae6e376255
          Size/MD5 checksum:   269668 494ebd8a9950a30ac5e013d41e6a0457
          Size/MD5 checksum:   466796 3588ff1f5d220f236323aaebb61988b2
      IBM S/390 architecture:
          Size/MD5 checksum:   374752 f1a1624c38f20ace387730b3cdb71257
          Size/MD5 checksum:   177730 00faaea3e1a30546324b248b92980857
          Size/MD5 checksum:    82992 9c1b2a9abadce85355d43e9a6cd1d0bb
          Size/MD5 checksum:   270624 03c36acf2b87cab9fcea4a39f0ec329f
          Size/MD5 checksum:   465288 2937d4f9c371bd72409e8c9216d145e9
      Sun Sparc architecture:
          Size/MD5 checksum:   375362 69a5e5399e2a980e182405c63525c792
          Size/MD5 checksum:   178340 fd6d34c44429e67dd1661ee5f3563748
          Size/MD5 checksum:    87262 77c318418e23c496bfbeb351075a8909
          Size/MD5 checksum:   271132 c95e510874e1b1de7d3cec63c2a43887
          Size/MD5 checksum:   465422 7d42532c3ecc241a5ec81215f3ad22d6
      These files will probably be moved into the stable distribution on
      its next revision.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and


    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.