Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 362453 (CVE-2011-0997) - <net-misc/dhcp-4.2.1_p1: Hostname sanitation failure (CVE-2011-0997)
Summary: <net-misc/dhcp-4.2.1_p1: Hostname sanitation failure (CVE-2011-0997)
Status: RESOLVED FIXED
Alias: CVE-2011-0997
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-04-07 15:22 UTC by Alex Legler (RETIRED)
Modified: 2013-01-09 00:53 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-04-07 15:22:22 UTC
From $URL:
Sebastian Krahmer of the SUSE security team noticed that DHCP clients fail to
sanitize certain values supplied by DHCP servers during the DHCP communication.
 The example of such value is hostname configured on the DHCP client.  Various
scripts assume hostname is trusted and do not sufficiently escape or quote it. 
Malicious DHCP server can use this to execute arbitrary code on the DHCP client
by supplying a specially-crafted hostname.

Fixed for our current stable in 3.1-ESV (http://ftp.isc.org/isc/dhcp/dhcp-3.1-ESV-R1-RELNOTES), for testing in 4.2.1-P1 (http://ftp.isc.org/isc/dhcp/dhcp-4.2.1-P1-RELNOTES)
Comment 1 SpanKY gentoo-dev 2011-04-07 23:48:52 UTC
ive added dhcp-4.2.1_p1 to the tree.  someone else can handle dhcp-3.x.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-11 20:05:54 UTC
Please punt vulnerable versions.
Comment 3 Sean Amoss gentoo-dev Security 2012-11-09 00:48:37 UTC
Updated existing GLSA draft to include this.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2013-01-09 00:53:05 UTC
This issue was resolved and addressed in
 GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml
by GLSA coordinator Stefan Behte (craig).