Debian: New dhcp packages fix arbitrary code execution

    Date: 18 Oct 2007
    Category: Debian
    Posted By: LinuxSecurity Advisories
    It was discovered that dhcp, a DHCP server for automatic IP address assignment, didn't correctly allocate space for network replies. This could potentially allow a malicious DHCP client to execute arbitrary code on the DHCP server.
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA 1388-1
    http://www.debian.org/security/                               Steve Kemp
    October 18th, 2007                    http://www.debian.org/security/faq
    - ------------------------------------------------------------------------
    
    Package        : dhcp
    Vulnerability  : buffer overflow
    Problem type   : remote
    Debian-specific: no
    CVE Id(s)      : CVE-2007-5365
    Debian Bug     : 446354
    
    It was discovered that dhcp, a DHCP server for automatic IP address assignment,
    didn't correctly allocate space for network replies.  This could potentially
    allow a malicious DHCP client to execute arbitrary code on the DHCP server.
    
    For the old stable distribution (sarge), this problem has been fixed in
    version 2.0pl5-19.1sarge3.
    
    For the stable distribution (etch), this problem has been fixed in
    version 2.0pl5-19.5etch1.
    
    For the unstable distribution (sid), this problem will be fixed shortly.
    
    We recommend that you upgrade your dhcp package.
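
An added example, not part of the advisory: a fleet check that compares each host's installed dhcp version against the fixed versions named above, using Debian's version ordering. The host names and inventory lines are constructed; on a Debian host itself, `dpkg --compare-versions` performs the same comparison.

```python
import re
from itertools import zip_longest
# Fixed versions as stated in DSA 1388-1 (none was listed for sid).
FIXED = {"sarge": "2.0pl5-19.1sarge3", "etch": "2.0pl5-19.5etch1"}

# Constructed inventory for illustration: "host suite installed-dhcp-version".
SAMPLE_INVENTORY = """
dhcp-a sarge 2.0pl5-19.1sarge2
dhcp-b etch  2.0pl5-19.5
dhcp-c etch  2.0pl5-19.5etch1
dhcp-d sid   2.0pl5-19.5
"""

def _order(c):
    """dpkg character weight: '~' lowest, then letters, then punctuation."""
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _tokens(part):
    """Split a version part into (non-digit weights, integer) pairs."""
    return [([_order(c) for c in text] + [0], int(digits or 0))
            for text, digits in re.findall(r"(\D*)(\d*)", part)
            if text or digits]

def _cmp_part(a, b):
    for x, y in zip_longest(_tokens(a), _tokens(b), fillvalue=([0], 0)):
        if x != y:
            return -1 if x < y else 1
    return 0

def _split(version):
    """Return (epoch, upstream, revision) of a Debian version string."""
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1 following dpkg's version ordering."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def audit(inventory):
    """Map each host to 'vulnerable', 'fixed' or 'no fixed version listed'."""
    report = {}
    for line in inventory.strip().splitlines():
        host, suite, version = line.split()
        fixed = FIXED.get(suite)
        status = "no fixed version listed"
        if fixed is not None:
            older = compare_versions(version, fixed) < 0
            status = "vulnerable" if older else "fixed"
        report[host] = status
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_INVENTORY))
```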
    
    
    Upgrade instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - --------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main