+++ This bug was initially created as a clone of Bug #275231 +++

** Please note that this issue is confidential and no information should be disclosed until it is made public, see "Whiteboard" for a date **

ISC dhclient has a stack overflow vulnerability which makes it theoretically possible for a rogue DHCP server to execute arbitrary commands as root on the affected system through stack return subversion.

...

Fix: Upgrade to 4.1.0p1, 4.0.1p1, or 3.1.2p1

There are no fixes planned for DHCP 3.0 or DHCP 2.0, as those release trains have reached End-Of-Life.

...

CVE: VU#410676, pre-assigned CVE# CVE-2009-0692
This is now public as per $URL.
GLSA 200907-12
CVE-2009-0692 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0692): Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.
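
The kind of check this CVE turns on, as an added example (not ISC's patch and not code from this bug report): a DHCP option walker that refuses a subnet-mask option whose length is not the 4 bytes RFC 2132 defines, before anything is copied into a fixed-size buffer. The function name, return codes and sample option buffers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DHO_PAD         0    /* RFC 2132 option codes */
#define DHO_SUBNET_MASK 1
#define DHO_END         255

/* Hypothetical helper. Returns 0 and fills mask[4] when a well-formed
 * subnet-mask option is present, 1 when the option is absent, and -1 when
 * the option area is truncated or the mask length is not exactly 4. */
int extract_subnet_mask(const uint8_t *opts, size_t opts_len, uint8_t mask[4])
{
    size_t i = 0;
    while (i < opts_len) {
        uint8_t code = opts[i++];
        if (code == DHO_PAD) continue;          /* pad has no length byte */
        if (code == DHO_END) break;
        if (i >= opts_len) return -1;           /* length byte missing */
        uint8_t len = opts[i++];
        if (len > opts_len - i) return -1;      /* value runs past the buffer */
        if (code == DHO_SUBNET_MASK) {
            if (len != 4) return -1;            /* server-supplied length rejected */
            memcpy(mask, &opts[i], 4);          /* copy size is fixed, not len */
            return 0;
        }
        i += len;                               /* skip options we do not need */
    }
    return 1;
}

/* Constructed sample option areas (not captured traffic). */
static const uint8_t OPTS_GOOD[]      = {1, 4, 255, 255, 255, 0, 255};
static const uint8_t OPTS_OVERSIZED[] = {1, 8, 255, 255, 255, 255,
                                         255, 255, 255, 255, 255};
static const uint8_t OPTS_TRUNCATED[] = {1, 4, 255, 255};
static const uint8_t OPTS_NO_MASK[]   = {3, 4, 192, 168, 0, 1, 255};

int main(void)
{
    uint8_t m[4];
    printf("good=%d oversized=%d truncated=%d absent=%d\n",
           extract_subnet_mask(OPTS_GOOD, sizeof OPTS_GOOD, m),
           extract_subnet_mask(OPTS_OVERSIZED, sizeof OPTS_OVERSIZED, m),
           extract_subnet_mask(OPTS_TRUNCATED, sizeof OPTS_TRUNCATED, m),
           extract_subnet_mask(OPTS_NO_MASK, sizeof OPTS_NO_MASK, m));
    return 0;
}
```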