Linux Security
Linux Security
Linux Security

Debian: DSA-1833-2: New dhcp3 packages fix arbitrary code execution

Date 25 Aug 2009
Posted By LinuxSecurity Advisories
The previous dhcp3 update (DSA-1833-1) did not properly apply the required changes to the stable (lenny) version. The old stable (etch) version is not affected by this problem.
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1833-2                  This email address is being protected from spambots. You need JavaScript enabled to view it.                           Florian Weimer
August 25, 2009             
- ------------------------------------------------------------------------

Package        : dhcp3
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-0692 CVE-2009-1892
CERT advisory  : VU#410676

The previous dhcp3 update (DSA-1833-1) did not properly apply the
required changes to the stable (lenny) version.  The old stable (etch)
version is not affected by this problem.

The original advisory description follows.

Several remote vulnerabilities have been discovered in ISC's DHCP

It was discovered that dhclient does not properly handle overlong
subnet mask options, leading to a stack-based buffer overflow and
possible arbitrary code execution.  (CVE-2009-0692)

Christoph Biedl discovered that the DHCP server may terminate when
receiving certain well-formed DHCP requests, provided that the server
configuration mixes host definitions using "dhcp-client-identifier"
and "hardware ethernet".  This vulnerability only affects the lenny
versions of dhcp3-server and dhcp3-server-ldap.  (CVE-2009-1892)

For the stable distribution (lenny), this problem has been fixed in
version 3.1.1-6+lenny3.

We recommend that you upgrade your dhcp3 packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Source archives:
    Size/MD5 checksum:   798228 fcc19330a9c3a0efb5620409214652a9
    Size/MD5 checksum:     1488 b884753ce46061cc6e0e6a783d7c24a3
    Size/MD5 checksum:   128921 178f7799fbe3e8fb5a0472a8060bebf7

Architecture independent packages:
    Size/MD5 checksum:    23010 e772483a84fdca84407e39556188a13e

alpha architecture (DEC Alpha)
    Size/MD5 checksum:   148302 296381030181bf29e5185823472c34c7
    Size/MD5 checksum:   348542 910f44119d0cbcefdfdb0496b72f75c0
    Size/MD5 checksum:   272004 63e37fc50ae798ad86713ff354f5b996
    Size/MD5 checksum:   394460 a77802ce027f350aed83be710c92fa9f
    Size/MD5 checksum:   215132 ea9207b439e373b7cda0633600fc2a66
    Size/MD5 checksum:   127514 f1287179244c1684b1a892c187624425
    Size/MD5 checksum:   333782 713d3ad0235144a0537d747a66766b6a

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:   310356 6fb09a20cce949a6edd1a9a628863a2d
    Size/MD5 checksum:   114266 bb511a3be6b474ba6233a00bd70d52b3
    Size/MD5 checksum:   188422 f2aaca0e2a93c0b3647d6cebc2dc515e
    Size/MD5 checksum:   358418 15b92a206a5f782b91ef21a1cb89d8c1
    Size/MD5 checksum:   245246 22f8d4e550561f67ac9145e114281d30
    Size/MD5 checksum:   313224 2033f60c749a3e71631a5b153a77ae27
    Size/MD5 checksum:   120442 f86b93961879963e2ea5dc0c5f2d344c

arm architecture (ARM)
    Size/MD5 checksum:   226592 ddba5071d36b331c5a001b67a1b94410
    Size/MD5 checksum:   291194 4673741acf27ce06150203ea2cfde77f
    Size/MD5 checksum:   103716 cfa5568781f496e02e490ad803b79acc
    Size/MD5 checksum:   336408 56415a0df425eace6189f47585a63c01
    Size/MD5 checksum:   108910 efb3c5019520090a189212af9b6dcf3d
    Size/MD5 checksum:   292858 3d1d50251c7953847178a888e6cd91cf
    Size/MD5 checksum:   170066 18a05aa4dfe765c6cc3f99b31e77ecac

armel architecture (ARM EABI)
    Size/MD5 checksum:   227670 41fc7a60258569b01280b594d6293264
    Size/MD5 checksum:   337326 266b173681f5c3ea777ae7710cbee665
    Size/MD5 checksum:   109000 d04801f4eb76218ff8d8e791acef63ad
    Size/MD5 checksum:   103446 dd8d97b1c2364fd1995861454b1fc4a4
    Size/MD5 checksum:   170862 6d71afbbe92432bd1a97c264cfd63561
    Size/MD5 checksum:   293940 13e80b7f3b18b939c59193433f72e7b5
    Size/MD5 checksum:   293866 e1aaacdd2982b92f1e08126a8a8f2651

hppa architecture (HP PA RISC)
    Size/MD5 checksum:   128540 42870a2ec98979a8c59e23bc6fab70f6
    Size/MD5 checksum:   324744 243543866ed9202ce92e9ddc8341fd22
    Size/MD5 checksum:   252142 d0e2729de7ff5da898457d7ee7d1b006
    Size/MD5 checksum:   315534 1657f330bf1b1aacb9b14b419ad003a5
    Size/MD5 checksum:   369264 20f45be07aa3a831d7ea7a3dfaece2d1
    Size/MD5 checksum:   194978 aa479a0645490f800b342aff92bef059
    Size/MD5 checksum:   116256 dbb01f0c3302f6e35a30e8e5572bf244

i386 architecture (Intel ia32)
    Size/MD5 checksum:   286974 7129977793036958290bbae514dbf1d6
    Size/MD5 checksum:   289992 ea449e5b736070fae42f67792eb0e47e
    Size/MD5 checksum:   223668 d943808ec256705e0950fe652bb6f9b4
    Size/MD5 checksum:   102102 2522fcb18f0a6f4aa2f8bbc07427e237
    Size/MD5 checksum:   167012 e642d66307eff2f9a6ece11291b4a06d
    Size/MD5 checksum:   332706 647086523305d950e2aebc1805cf2e92
    Size/MD5 checksum:   106618 c0430456e7d746d57fd58a676147950f

ia64 architecture (Intel ia64)
    Size/MD5 checksum:   155090 8f8b0bfb1d3e0755c15df15fc920a8af
    Size/MD5 checksum:   289292 c997f11a86e7df414bacbad0e5e944be
    Size/MD5 checksum:   159892 12cd71f2e058c63a602d74983adb5c39
    Size/MD5 checksum:   464804 ceb110ae2899d450987ca83dfdb38944
    Size/MD5 checksum:   347522 4c9f4bdec5669dc29b46a6e83a4fa5ef
    Size/MD5 checksum:   508092 a1a293a6ddee469e040d7ff364ee791a
    Size/MD5 checksum:   400328 937f8ee9ac9d25af6921222e7b92a108

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:   123936 53d5f37d69d182cbbe312f52550a84b1
    Size/MD5 checksum:   114502 dee95947cb21084abf748e8a42960846
    Size/MD5 checksum:   188178 2926264f19c138bdd2c72458606e4c0c
    Size/MD5 checksum:   359836 a903759df5a549c6a5e3aa227790fe04
    Size/MD5 checksum:   308718 a476ebabd4537f41f1d5a787ea7ff9fa
    Size/MD5 checksum:   245276 c95b1fccff2d8ad01b5cbc4981eeac8c
    Size/MD5 checksum:   314998 80f09a90d259ce66a342447d98a9a379

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:   247700 eda49dcddd8fdfd58b85645c315c5faf
    Size/MD5 checksum:   310874 a05df96245d09530155f9e81bd63a4fb
    Size/MD5 checksum:   362206 a57eeaf69fd65711afe6cb5417e5f0df
    Size/MD5 checksum:   125542 4a1784603dae8acfae95d4f9d0ce8e30
    Size/MD5 checksum:   190284 30cff1bafcc1ba24b5b5ab7495798dea
    Size/MD5 checksum:   116262 f3956046702a31009c21bc4a18279052
    Size/MD5 checksum:   317264 25bb814dfa93b8114fc6d0a0ddd0cbdf

powerpc architecture (PowerPC)
    Size/MD5 checksum:   111052 8e0dfe581f4cfb3bcd0e74490cbcffab
    Size/MD5 checksum:   119514 99c8afb47de64f36a82db6cd21513476
    Size/MD5 checksum:   241126 e779f852e414e537a35295f238d38356
    Size/MD5 checksum:   353466 9af62ed705a6ae46b208579dfa481d6a
    Size/MD5 checksum:   183816 4438592b9fdf9117b8c037a7047ee5f8
    Size/MD5 checksum:   310638 3d93a3137afe44b45de6c398bdb701c8
    Size/MD5 checksum:   304958 b2a44d63cc34124883564f5296ef18e7

s390 architecture (IBM S/390)
    Size/MD5 checksum:   117592 db3a8ae34c5e3a836dbf9e72c5067a90
    Size/MD5 checksum:   348950 3ecac83017405ee2aa924cfb5905233d
    Size/MD5 checksum:   182078 35859dae5c87aae0fef90f2ab796714e
    Size/MD5 checksum:   112450 1243ac51995a6a6492d8b3da08d6fd5a
    Size/MD5 checksum:   239428 ea577141dbeff528fa9b431fd712d7e8
    Size/MD5 checksum:   303426 546d21f56cfad698fa28856cc2181c19
    Size/MD5 checksum:   303700 4e76286fe1a10d48537c4246b35526b9

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:   283826 c0f5fce1f190aabd11b1851636af3ea3
    Size/MD5 checksum:   324576 13f0ac8544ff2f50b27a44dc1d0e5e95
    Size/MD5 checksum:   279396 6171cb5605c87dddaa215eba5f15e38d
    Size/MD5 checksum:   218466 e3fab612bad763549dd5d4cd94dd6892
    Size/MD5 checksum:   101600 d5d9016bdb0723205e3b0e5463315fda
    Size/MD5 checksum:   109816 85e004868374d6dbc78255efff2fbf7f
    Size/MD5 checksum:   161378 2b4b855d8e3b8790e34a3de715df9db2

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
Package info: `apt-cache show ' and

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"64","type":"x","order":"1","pct":76.19,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"13","type":"x","order":"2","pct":15.48,"resources":[]},{"id":"181","title":"Hardly ever","votes":"7","type":"x","order":"3","pct":8.33,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.