Debian: DSA-1833-2: New dhcp3 packages fix arbitrary code execution

    Date25 Aug 2009
    CategoryDebian
    112
    Posted ByLinuxSecurity Advisories
    The previous dhcp3 update (DSA-1833-1) did not properly apply the required changes to the stable (lenny) version. The old stable (etch) version is not affected by this problem.
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1833-2                  This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                           Florian Weimer
    August 25, 2009                       http://www.debian.org/security/faq
    - ------------------------------------------------------------------------
    
    Package        : dhcp3
    Vulnerability  : several
    Problem type   : remote
    Debian-specific: no
    CVE Id(s)      : CVE-2009-0692 CVE-2009-1892
    CERT advisory  : VU#410676
    
    The previous dhcp3 update (DSA-1833-1) did not properly apply the
    required changes to the stable (lenny) version.  The old stable (etch)
    version is not affected by this problem.
    
    The original advisory description follows.
    
    Several remote vulnerabilities have been discovered in ISC's DHCP
    implementation:
    
    It was discovered that dhclient does not properly handle overlong
    subnet mask options, leading to a stack-based buffer overflow and
    possible arbitrary code execution.  (CVE-2009-0692)
    
    Christoph Biedl discovered that the DHCP server may terminate when
    receiving certain well-formed DHCP requests, provided that the server
    configuration mixes host definitions using "dhcp-client-identifier"
    and "hardware ethernet".  This vulnerability only affects the lenny
    versions of dhcp3-server and dhcp3-server-ldap.  (CVE-2009-1892)
    
    For the stable distribution (lenny), this problem has been fixed in
    version 3.1.1-6+lenny3.
    
    We recommend that you upgrade your dhcp3 packages.
    
    Upgrade instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 5.0 alias lenny
    - --------------------------------
    
    Source archives:
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1.orig.tar.gz
        Size/MD5 checksum:   798228 fcc19330a9c3a0efb5620409214652a9
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny3.dsc
        Size/MD5 checksum:     1488 b884753ce46061cc6e0e6a783d7c24a3
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny3.diff.gz
        Size/MD5 checksum:   128921 178f7799fbe3e8fb5a0472a8060bebf7
    
    Architecture independent packages:
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1-6+lenny3_all.deb
        Size/MD5 checksum:    23010 e772483a84fdca84407e39556188a13e
    
    alpha architecture (DEC Alpha)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_alpha.deb
        Size/MD5 checksum:   148302 296381030181bf29e5185823472c34c7
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_alpha.deb
        Size/MD5 checksum:   348542 910f44119d0cbcefdfdb0496b72f75c0
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_alpha.deb
        Size/MD5 checksum:   272004 63e37fc50ae798ad86713ff354f5b996
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_alpha.deb
        Size/MD5 checksum:   394460 a77802ce027f350aed83be710c92fa9f
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_alpha.udeb
        Size/MD5 checksum:   215132 ea9207b439e373b7cda0633600fc2a66
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_alpha.deb
        Size/MD5 checksum:   127514 f1287179244c1684b1a892c187624425
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_alpha.deb
        Size/MD5 checksum:   333782 713d3ad0235144a0537d747a66766b6a
    
    amd64 architecture (AMD x86_64 (AMD64))
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_amd64.deb
        Size/MD5 checksum:   310356 6fb09a20cce949a6edd1a9a628863a2d
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_amd64.deb
        Size/MD5 checksum:   114266 bb511a3be6b474ba6233a00bd70d52b3
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_amd64.udeb
        Size/MD5 checksum:   188422 f2aaca0e2a93c0b3647d6cebc2dc515e
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_amd64.deb
        Size/MD5 checksum:   358418 15b92a206a5f782b91ef21a1cb89d8c1
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_amd64.deb
        Size/MD5 checksum:   245246 22f8d4e550561f67ac9145e114281d30
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_amd64.deb
        Size/MD5 checksum:   313224 2033f60c749a3e71631a5b153a77ae27
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_amd64.deb
        Size/MD5 checksum:   120442 f86b93961879963e2ea5dc0c5f2d344c
    
    arm architecture (ARM)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_arm.deb
        Size/MD5 checksum:   226592 ddba5071d36b331c5a001b67a1b94410
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_arm.deb
        Size/MD5 checksum:   291194 4673741acf27ce06150203ea2cfde77f
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_arm.deb
        Size/MD5 checksum:   103716 cfa5568781f496e02e490ad803b79acc
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_arm.deb
        Size/MD5 checksum:   336408 56415a0df425eace6189f47585a63c01
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_arm.deb
        Size/MD5 checksum:   108910 efb3c5019520090a189212af9b6dcf3d
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_arm.deb
        Size/MD5 checksum:   292858 3d1d50251c7953847178a888e6cd91cf
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_arm.udeb
        Size/MD5 checksum:   170066 18a05aa4dfe765c6cc3f99b31e77ecac
    
    armel architecture (ARM EABI)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_armel.deb
        Size/MD5 checksum:   227670 41fc7a60258569b01280b594d6293264
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_armel.deb
        Size/MD5 checksum:   337326 266b173681f5c3ea777ae7710cbee665
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_armel.deb
        Size/MD5 checksum:   109000 d04801f4eb76218ff8d8e791acef63ad
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_armel.deb
        Size/MD5 checksum:   103446 dd8d97b1c2364fd1995861454b1fc4a4
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_armel.udeb
        Size/MD5 checksum:   170862 6d71afbbe92432bd1a97c264cfd63561
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_armel.deb
        Size/MD5 checksum:   293940 13e80b7f3b18b939c59193433f72e7b5
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_armel.deb
        Size/MD5 checksum:   293866 e1aaacdd2982b92f1e08126a8a8f2651
    
    hppa architecture (HP PA RISC)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_hppa.deb
        Size/MD5 checksum:   128540 42870a2ec98979a8c59e23bc6fab70f6
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_hppa.deb
        Size/MD5 checksum:   324744 243543866ed9202ce92e9ddc8341fd22
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_hppa.deb
        Size/MD5 checksum:   252142 d0e2729de7ff5da898457d7ee7d1b006
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_hppa.deb
        Size/MD5 checksum:   315534 1657f330bf1b1aacb9b14b419ad003a5
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_hppa.deb
        Size/MD5 checksum:   369264 20f45be07aa3a831d7ea7a3dfaece2d1
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_hppa.udeb
        Size/MD5 checksum:   194978 aa479a0645490f800b342aff92bef059
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_hppa.deb
        Size/MD5 checksum:   116256 dbb01f0c3302f6e35a30e8e5572bf244
    
    i386 architecture (Intel ia32)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_i386.deb
        Size/MD5 checksum:   286974 7129977793036958290bbae514dbf1d6
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_i386.deb
        Size/MD5 checksum:   289992 ea449e5b736070fae42f67792eb0e47e
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_i386.deb
        Size/MD5 checksum:   223668 d943808ec256705e0950fe652bb6f9b4
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_i386.deb
        Size/MD5 checksum:   102102 2522fcb18f0a6f4aa2f8bbc07427e237
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_i386.udeb
        Size/MD5 checksum:   167012 e642d66307eff2f9a6ece11291b4a06d
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_i386.deb
        Size/MD5 checksum:   332706 647086523305d950e2aebc1805cf2e92
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_i386.deb
        Size/MD5 checksum:   106618 c0430456e7d746d57fd58a676147950f
    
    ia64 architecture (Intel ia64)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_ia64.deb
        Size/MD5 checksum:   155090 8f8b0bfb1d3e0755c15df15fc920a8af
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_ia64.udeb
        Size/MD5 checksum:   289292 c997f11a86e7df414bacbad0e5e944be
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_ia64.deb
        Size/MD5 checksum:   159892 12cd71f2e058c63a602d74983adb5c39
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_ia64.deb
        Size/MD5 checksum:   464804 ceb110ae2899d450987ca83dfdb38944
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_ia64.deb
        Size/MD5 checksum:   347522 4c9f4bdec5669dc29b46a6e83a4fa5ef
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_ia64.deb
        Size/MD5 checksum:   508092 a1a293a6ddee469e040d7ff364ee791a
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_ia64.deb
        Size/MD5 checksum:   400328 937f8ee9ac9d25af6921222e7b92a108
    
    mips architecture (MIPS (Big Endian))
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_mips.deb
        Size/MD5 checksum:   123936 53d5f37d69d182cbbe312f52550a84b1
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_mips.deb
        Size/MD5 checksum:   114502 dee95947cb21084abf748e8a42960846
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_mips.udeb
        Size/MD5 checksum:   188178 2926264f19c138bdd2c72458606e4c0c
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_mips.deb
        Size/MD5 checksum:   359836 a903759df5a549c6a5e3aa227790fe04
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_mips.deb
        Size/MD5 checksum:   308718 a476ebabd4537f41f1d5a787ea7ff9fa
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_mips.deb
        Size/MD5 checksum:   245276 c95b1fccff2d8ad01b5cbc4981eeac8c
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_mips.deb
        Size/MD5 checksum:   314998 80f09a90d259ce66a342447d98a9a379
    
    mipsel architecture (MIPS (Little Endian))
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_mipsel.deb
        Size/MD5 checksum:   247700 eda49dcddd8fdfd58b85645c315c5faf
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_mipsel.deb
        Size/MD5 checksum:   310874 a05df96245d09530155f9e81bd63a4fb
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_mipsel.deb
        Size/MD5 checksum:   362206 a57eeaf69fd65711afe6cb5417e5f0df
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_mipsel.deb
        Size/MD5 checksum:   125542 4a1784603dae8acfae95d4f9d0ce8e30
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_mipsel.udeb
        Size/MD5 checksum:   190284 30cff1bafcc1ba24b5b5ab7495798dea
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_mipsel.deb
        Size/MD5 checksum:   116262 f3956046702a31009c21bc4a18279052
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_mipsel.deb
        Size/MD5 checksum:   317264 25bb814dfa93b8114fc6d0a0ddd0cbdf
    
    powerpc architecture (PowerPC)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_powerpc.deb
        Size/MD5 checksum:   111052 8e0dfe581f4cfb3bcd0e74490cbcffab
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_powerpc.deb
        Size/MD5 checksum:   119514 99c8afb47de64f36a82db6cd21513476
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_powerpc.deb
        Size/MD5 checksum:   241126 e779f852e414e537a35295f238d38356
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_powerpc.deb
        Size/MD5 checksum:   353466 9af62ed705a6ae46b208579dfa481d6a
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_powerpc.udeb
        Size/MD5 checksum:   183816 4438592b9fdf9117b8c037a7047ee5f8
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_powerpc.deb
        Size/MD5 checksum:   310638 3d93a3137afe44b45de6c398bdb701c8
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_powerpc.deb
        Size/MD5 checksum:   304958 b2a44d63cc34124883564f5296ef18e7
    
    s390 architecture (IBM S/390)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_s390.deb
        Size/MD5 checksum:   117592 db3a8ae34c5e3a836dbf9e72c5067a90
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_s390.deb
        Size/MD5 checksum:   348950 3ecac83017405ee2aa924cfb5905233d
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_s390.udeb
        Size/MD5 checksum:   182078 35859dae5c87aae0fef90f2ab796714e
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_s390.deb
        Size/MD5 checksum:   112450 1243ac51995a6a6492d8b3da08d6fd5a
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_s390.deb
        Size/MD5 checksum:   239428 ea577141dbeff528fa9b431fd712d7e8
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_s390.deb
        Size/MD5 checksum:   303426 546d21f56cfad698fa28856cc2181c19
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_s390.deb
        Size/MD5 checksum:   303700 4e76286fe1a10d48537c4246b35526b9
    
    sparc architecture (Sun SPARC/UltraSPARC)
    
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_sparc.deb
        Size/MD5 checksum:   283826 c0f5fce1f190aabd11b1851636af3ea3
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_sparc.deb
        Size/MD5 checksum:   324576 13f0ac8544ff2f50b27a44dc1d0e5e95
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_sparc.deb
        Size/MD5 checksum:   279396 6171cb5605c87dddaa215eba5f15e38d
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_sparc.deb
        Size/MD5 checksum:   218466 e3fab612bad763549dd5d4cd94dd6892
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_sparc.deb
        Size/MD5 checksum:   101600 d5d9016bdb0723205e3b0e5463315fda
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_sparc.deb
        Size/MD5 checksum:   109816 85e004868374d6dbc78255efff2fbf7f
      http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_sparc.udeb
        Size/MD5 checksum:   161378 2b4b855d8e3b8790e34a3de715df9db2
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and http://packages.debian.org/
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"14","type":"x","order":"1","pct":53.85,"resources":[]},{"id":"88","title":"Should be more technical","votes":"4","type":"x","order":"2","pct":15.38,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"8","type":"x","order":"3","pct":30.77,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.