Summary: | <net-misc/dhcp-3.1.1-r1 dhclient Stack-based buffer overflow (CVE-2009-0692) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | blocker | CC: | axiator, chainsaw, robbat2 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.kb.cert.org/vuls/id/410676 | ||
Whiteboard: | A0 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Alex Legler (RETIRED)
2009-07-13 23:04:41 UTC
This is now public as per $URL. GLSA 200907-12 CVE-2009-0692 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0692): Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. |