Bug 398763 (CVE-2011-4868)

Summary:	<net-misc/dhcp-4.2.4_p1 DHCPv6 Dynamic DNS Lease Status Updating Denial of Service Vulnerability (CVE-2011-4868)
Product:	Gentoo Security	Reporter:	Agostino Sarubbo <ago>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	base-system
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://secunia.com/advisories/47555/
Whiteboard:	B3 [glsa]
Package list:		Runtime testing required:	---

Description Agostino Sarubbo gentoo-dev

2012-01-13 12:25:25 UTC

From secunia security advisory at $URL:

Description:
The vulnerability is caused due to a NULL pointer dereference error within the handling of the DHCPv6 lease structure when updating Dynamic DNS lease status, which can be exploited to cause a crash by sending specially crafted DHCP packets.

Successful exploitation requires that DHCPv6 and Dynamic DNS are used.

The vulnerability is reported in versions 4.2.2, 4.2.3, and 4.2.3-P1.

Solution:
Update to version 4.2.3-P2.

Comment 1 GLSAMaker/CVETool Bot gentoo-dev

2012-02-21 01:22:59 UTC

CVE-2011-4868 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4868):
  The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using
  Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the
  DHCPv6 lease structure, which allows remote attackers to cause a denial of
  service (NULL pointer dereference and daemon crash) via crafted packets
  related to a lease-status update.

Comment 2 Sean Amoss (RETIRED) gentoo-dev

2012-09-20 13:35:32 UTC

Stabilization completed in bug 428120.

Already on existing GLSA request.

Comment 3 GLSAMaker/CVETool Bot gentoo-dev

2013-01-09 00:53:10 UTC

This issue was resolved and addressed in
 GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml
by GLSA coordinator Stefan Behte (craig).