Debian: dhcp fix arbitrary code execution DSA-1388-1

    Date 18 Oct 2007
    3585
    Posted By LinuxSecurity Advisories
    It was discovered that dhcp, a DHCP server for automatic IP address assignment, didn't correctly allocate space for network replies. This could potentially allow a malicious DHCP client to execute arbitary code upon the DHCP server.
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA 1388-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                               Steve Kemp
    October 18th, 2007                    https://www.debian.org/security/faq
    - ------------------------------------------------------------------------
    
    Package        : dhcp
    Vulnerability  : buffer overflow
    Problem type   : remote
    Debian-specific: no
    CVE Id(s)      : CVE-2007-5365
    Debian Bug     : 446354
    
    It was discovered that dhcp, a DHCP server for automatic IP address assignment,
    didn't correctly allocate space for network replies.  This could potentially
    allow a malicious DHCP client to execute arbitary code upon the DHCP server.
    
    For the old stable distribution (sarge), this problem has been fixed in
    version 2.0pl5-19.1sarge3.
    
    For the stable distribution (etch), this problem has been fixed in
    version 2.0pl5-19.5etch1.
    
    For the unstable distribution (sid), this problem will be fixed shortly.
    
    We recommend that you upgrade your dhcp package.
    
    
    Upgrade instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
    Source archives:
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3.diff.gz
        Size/MD5 checksum:    86946 9a8f4a8219d0df0ea8d00a766afb1cb3
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3.dsc
        Size/MD5 checksum:      687 22ac1bac4dbdd4bb034921b496eb7ad8
    
    alpha architecture (DEC Alpha)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_alpha.udeb
        Size/MD5 checksum:    53920 bdcdd8fe476006baff32bba6797ce8f6
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_alpha.deb
        Size/MD5 checksum:    80140 e2a2bea48927595e106b4f1261107e0b
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_alpha.deb
        Size/MD5 checksum:   122328 d6090dcc6f6ea0dd216723fe67495485
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_alpha.deb
        Size/MD5 checksum:   115802 b9e74f333e37f9cb54b417f436eb3ef7
    
    amd64 architecture (AMD x86_64 (AMD64))
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_amd64.deb
        Size/MD5 checksum:   108782 e2c5b850e6d2cfaeee28e8a0cea6e978
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_amd64.deb
        Size/MD5 checksum:    76042 4482f2e622739b61bb36fa5709b7ba97
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_amd64.deb
        Size/MD5 checksum:   116080 c3be5b81038f5f29ccf50726fb111cfc
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_amd64.udeb
        Size/MD5 checksum:    47164 34edcdd4ec9571f151dd7ba763967fa2
    
    arm architecture (ARM)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_arm.deb
        Size/MD5 checksum:   113770 046155a2ebcaeff5177fa053acbf38b9
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_arm.udeb
        Size/MD5 checksum:    45586 e167fa982d418f5139d0acada21e582d
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_arm.deb
        Size/MD5 checksum:    73770 46378f1b6fd06f3861cea60854847f68
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_arm.deb
        Size/MD5 checksum:   106770 c1c4485c8c2cf462c532fae2a59805ab
    
    i386 architecture (Intel ia32)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_i386.deb
        Size/MD5 checksum:   102632 c536a455a338b39df9e422f8014aee5c
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_i386.deb
        Size/MD5 checksum:    71246 e83e575491184c6e43311cbb9a3b7c76
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_i386.udeb
        Size/MD5 checksum:    40786 0521d5a40275999472be2c6adea13dcd
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_i386.deb
        Size/MD5 checksum:   108930 fc742b760b3130fc35fbdca1b543e9ab
    
    ia64 architecture (Intel ia64)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_ia64.udeb
        Size/MD5 checksum:    74626 02a39276494c2c4d574450c84b9d308e
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_ia64.deb
        Size/MD5 checksum:   144928 8bc8479e568cdea075d4b0cf198e8592
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_ia64.deb
        Size/MD5 checksum:   137028 4b5da9ec5ec04878824ad502dd403c75
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_ia64.deb
        Size/MD5 checksum:    93024 35b3637bcd1e85aa83210ce8c57954bb
    
    mips architecture (MIPS (Big Endian))
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_mips.deb
        Size/MD5 checksum:   118660 1e023c911ba9fe95c5c6fcf7fbf7534f
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_mips.deb
        Size/MD5 checksum:    78120 5fb2f640d4851d9070c3a78cd53f5c53
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_mips.deb
        Size/MD5 checksum:   111706 a9a34701ec8a1a8f28213f7489b54bca
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_mips.udeb
        Size/MD5 checksum:    49782 81e2aac3e0696cbd0c64ddd96f06d199
    
    mipsel architecture (MIPS (Little Endian))
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_mipsel.udeb
        Size/MD5 checksum:    49280 7f50fa3fa7c991891da6e7ae7efc3370
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_mipsel.deb
        Size/MD5 checksum:   118208 6945230b5dd6efea120965f2d66118a2
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_mipsel.deb
        Size/MD5 checksum:   111190 7cc6ecd13ffb3b4a39bca4e4982bf949
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_mipsel.deb
        Size/MD5 checksum:    77768 2fa6c11b6337476fe541b15280ae8779
    
    powerpc architecture (PowerPC)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_powerpc.deb
        Size/MD5 checksum:   105510 9051fb4c2181d6d28c6792ebe3a3af10
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_powerpc.deb
        Size/MD5 checksum:    74052 84cdc573f9c8984c6ab6d02a05fec788
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_powerpc.deb
        Size/MD5 checksum:   112628 a73367fb674a2ae7765104c8de13d20a
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_powerpc.udeb
        Size/MD5 checksum:    43664 527a530ca9cd96c950f5523b3a6c8266
    
    s390 architecture (IBM S/390)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_s390.deb
        Size/MD5 checksum:   116646 63e5b231b68432751b50436f11e811d1
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_s390.deb
        Size/MD5 checksum:    76934 c7c11f2d6601a829b9b079fe88c334a2
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_s390.udeb
        Size/MD5 checksum:    47418 f5c49d1da85b38f1abe02891c5493d5d
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_s390.deb
        Size/MD5 checksum:   109474 51f1f614fc3268ded7bb684ebb3c786a
    
    sparc architecture (Sun SPARC/UltraSPARC)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_sparc.udeb
        Size/MD5 checksum:    44558 6ab09f9aa20761f84349720bda2f4494
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_sparc.deb
        Size/MD5 checksum:    74962 60245972bc1f89283683898d04a5758f
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_sparc.deb
        Size/MD5 checksum:   106514 1a50f0a1c91d0fc88a33683aa8389f53
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_sparc.deb
        Size/MD5 checksum:   113918 697615095fa33aacd5dabb822e296247
    
    
    
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    
    Source archives:
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1.dsc
        Size/MD5 checksum:      683 07a1aaa5663007a56b3930bdf843a8a4
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1.diff.gz
        Size/MD5 checksum:   108226 a44eace486ab768b3b73d22a9a64aa35
    
    alpha architecture (DEC Alpha)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_alpha.deb
        Size/MD5 checksum:   115856 083e20878c77216dde01215d26d36714
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_alpha.deb
        Size/MD5 checksum:    81340 e9e129b291a94631115cc51e2f23c0b8
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_alpha.udeb
        Size/MD5 checksum:    53334 a9af65ac152764ca3907e9a2ab447832
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_alpha.deb
        Size/MD5 checksum:   122824 1e874fefa911a48a307ce9e4ba3bad7e
    
    amd64 architecture (AMD x86_64 (AMD64))
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_amd64.deb
        Size/MD5 checksum:   109188 afb0a5fac336ee590b529d229c134c37
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_amd64.deb
        Size/MD5 checksum:    76090 5920da74cbbc629f67648da42bd5ac26
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_amd64.udeb
        Size/MD5 checksum:    46720 460339f23ec8fc589262e47b4d476e6b
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_amd64.deb
        Size/MD5 checksum:   115762 e37484724dc8cc62279331552136b16b
    
    arm architecture (ARM)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_arm.deb
        Size/MD5 checksum:   107522 6e4eea9ae761fb2b8ce42c5cb6d1d85a
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_arm.deb
        Size/MD5 checksum:    74440 c5f56b9f45470bebe91ff5fa9c977aba
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_arm.udeb
        Size/MD5 checksum:    44824 738c4cfeea56e8a63f95de38c99c9ea3
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_arm.deb
        Size/MD5 checksum:   114324 86dd3f90a7f00f7f5d5dca2a5bb3a893
    
    hppa architecture (HP PA RISC)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_hppa.deb
        Size/MD5 checksum:   109138 f933b19d933da11a0c0f32c1d7ea6457
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_hppa.deb
        Size/MD5 checksum:   114938 a92ed2ab2708b5f33471726c2b870e45
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_hppa.udeb
        Size/MD5 checksum:    46540 7afafeaa053be9aefd5d53ef8f9016db
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_hppa.deb
        Size/MD5 checksum:    77078 53dce263c2d97546605a4eab6feff7d1
    
    i386 architecture (Intel ia32)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_i386.deb
        Size/MD5 checksum:    72792 584673523ebe264542c874bb8cd50dc1
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_i386.deb
        Size/MD5 checksum:   111048 9a958d55894300d767d5e7218c0908a2
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_i386.deb
        Size/MD5 checksum:   103460 c96cc449b6711f16c77e7327db8203bd
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_i386.udeb
        Size/MD5 checksum:    40918 a1ad2f247b1618996e1bc77251e33a6c
    
    ia64 architecture (Intel ia64)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_ia64.deb
        Size/MD5 checksum:   142308 cabeaa01a24205a6ca680918fcda0aa6
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_ia64.deb
        Size/MD5 checksum:   135772 c6acdfcafa2c47d3c03c7678b169e2d5
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_ia64.deb
        Size/MD5 checksum:    92586 13ba7f368b30ba3961b0673f2cd9139d
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_ia64.udeb
        Size/MD5 checksum:    72358 d5e35b607512e7bfd741a4bba11e61ca
    
    mips architecture (MIPS (Big Endian))
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_mips.deb
        Size/MD5 checksum:   111944 85fa22ee6cbe26d7f6334c84b396c7fc
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_mips.deb
        Size/MD5 checksum:   118028 aa19adfe80326fa9ec472bc322b980ed
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_mips.udeb
        Size/MD5 checksum:    49300 3135e946aa399647f1f10a9156fc4ea1
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_mips.deb
        Size/MD5 checksum:    78496 64d1d7a727b09e2a4bc8c62d645cf328
    
    mipsel architecture (MIPS (Little Endian))
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_mipsel.udeb
        Size/MD5 checksum:    48778 4d3fcc007909a033d1ee4b896a86a37f
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_mipsel.deb
        Size/MD5 checksum:    78148 45e111fd9a682f0a8a6650f910df2a96
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_mipsel.deb
        Size/MD5 checksum:   117516 65a9131fd1f0b9a8fc281c23f73135bb
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_mipsel.deb
        Size/MD5 checksum:   111432 ec3a493b1361b27e5eb6291bb342c836
    
    powerpc architecture (PowerPC)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_powerpc.udeb
        Size/MD5 checksum:    43064 959561fcba2b19a726531003f58bc513
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_powerpc.deb
        Size/MD5 checksum:   112110 9e4185353c3b1fc0245c81cada9f54a9
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_powerpc.deb
        Size/MD5 checksum:   105748 b4326a4b51e847ee38985225643545f0
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_powerpc.deb
        Size/MD5 checksum:    74526 27dc981e31b48c01bb01d31625f63b78
    
    s390 architecture (IBM S/390)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_s390.deb
        Size/MD5 checksum:   116122 6695ab7f9ba8a6b9e9450c5ccdbff0b0
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_s390.udeb
        Size/MD5 checksum:    53522 c0051f2a6080d62b9c0c16901145648e
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_s390.deb
        Size/MD5 checksum:   121790 2d735b968013a97ea10be8b1e1a7e00a
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_s390.deb
        Size/MD5 checksum:    80214 1266926c11aca9a4b79fc05f4e32c8bd
    
    sparc architecture (Sun SPARC/UltraSPARC)
    
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_sparc.udeb
        Size/MD5 checksum:    43556 5f8aa11c612691d5333dcff69ed22148
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_sparc.deb
        Size/MD5 checksum:   106388 b4e9a9291d7057edfa0f2622e6eae727
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_sparc.deb
        Size/MD5 checksum:   112822 23ec796a6e7794c73b397391f5245f35
      https://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_sparc.deb
        Size/MD5 checksum:    74926 3bfb54f34d1a4807fe3ed62fe30bd3e9
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - --------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    If you are using full-disk encryption: are you concerned about the resulting performance hit?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/34-if-you-are-using-full-disk-encryption-are-you-concerned-about-the-resulting-performance-hit?task=poll.vote&format=json
    34
    radio
    [{"id":"120","title":"Yes","votes":"13","type":"x","order":"1","pct":61.9,"resources":[]},{"id":"121","title":"No ","votes":"8","type":"x","order":"2","pct":38.1,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.