Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 398763 (CVE-2011-4868) - <net-misc/dhcp-4.2.4_p1 DHCPv6 Dynamic DNS Lease Status Updating Denial of Service Vulnerability (CVE-2011-4868)
Summary: <net-misc/dhcp-4.2.4_p1 DHCPv6 Dynamic DNS Lease Status Updating Denial of Se...
Status: RESOLVED FIXED
Alias: CVE-2011-4868
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/47555/
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-01-13 12:25 UTC by Agostino Sarubbo
Modified: 2013-01-09 00:53 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2012-01-13 12:25:25 UTC
From secunia security advisory at $URL:

Description:
The vulnerability is caused due to a NULL pointer dereference error within the handling of the DHCPv6 lease structure when updating Dynamic DNS lease status, which can be exploited to cause a crash by sending specially crafted DHCP packets.

Successful exploitation requires that DHCPv6 and Dynamic DNS are used.

The vulnerability is reported in versions 4.2.2, 4.2.3, and 4.2.3-P1.

Solution:
Update to version 4.2.3-P2.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2012-02-21 01:22:59 UTC
CVE-2011-4868 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4868):
  The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using
  Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the
  DHCPv6 lease structure, which allows remote attackers to cause a denial of
  service (NULL pointer dereference and daemon crash) via crafted packets
  related to a lease-status update.
Comment 2 Sean Amoss (RETIRED) gentoo-dev Security 2012-09-20 13:35:32 UTC
Stabilization completed in bug 428120.

Already on existing GLSA request.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2013-01-09 00:53:10 UTC
This issue was resolved and addressed in
 GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml
by GLSA coordinator Stefan Behte (craig).