Short Name | DHCP:SERVER:ISC-DHCLIENT-BOF
Severity | Major
Recommended | No
Recommended Action | Drop
Category | DHCP
Keywords | ISC DHCP dhclient script_write_params Stack Buffer Overflow
Release Date | 2013/04/04
Update Number | 2252
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
DHCP: ISC DHCP dhclient script_write_params Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability in script_write_params in the ISC DHCP client (dhclient). A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.
Extended Description
The ISC DHCP client 'dhclient' is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a fixed-length buffer.
Successfully exploiting this issue allows a remote attacker to execute arbitrary code with superuser privileges, resulting in a complete compromise of the affected computer.
Affected Products
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Armel
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Gentoo linux
- Hp insight_control 6.0
- Hp insight_control
- Isc dhcp_client 2.0.0
- Isc dhcp_client 2.0.0 Pl1
- Isc dhcp_client 2.0.0 Pl3
- Isc dhcp_client 3.0
- Isc dhcp_client 3.0.0 B1
- Isc dhcp_client 3.0.0 B1pl14
- Isc dhcp_client 3.0.0 B1pl17
- Isc dhcp_client 4.0
- Isc dhcp_client 4.1
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Mandriva linux_mandrake 2008.1
- Mandriva linux_mandrake 2008.1 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Mandriva linux_mandrake 2009.1
- Mandriva linux_mandrake 2009.1 X86 64
- Mandriva multi_network_firewall 2.0.0
- Netbsd netbsd 4.0
- Netbsd netbsd 4.0.1
- Netbsd netbsd 4.0.2
- Netbsd netbsd 4.0 Beta
- Netbsd netbsd 4.0 BETA2
- Netbsd netbsd 5.0
- Netbsd netbsd 5.0 RC3
- Nortel_networks bcm 1000
- Nortel_networks bcm 200
- Nortel_networks bcm 400
- Nortel_networks bcm 450
- Nortel_networks bcm 50
- Nortel_networks bcm 50A
- Nortel_networks bcm 50E
- Nortel_networks srg200 1.0
- Nortel_networks srg200/400 1.5
- Nortel_networks srg50
- Pardus linux_2008
- Red_hat desktop 3.0.0
- Red_hat enterprise_linux Desktop Version 4
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_as 4.7.Z
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_es 4.7.Z
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 10
- Red_hat fedora 11
- Slackware linux 10.0.0
- Slackware linux 10.1.0
- Slackware linux 10.2.0
- Slackware linux 11.0
- Slackware linux 12.0
- Slackware linux 12.1
- Slackware linux 12.2
- Slackware linux 8.1.0
- Slackware linux 9.0.0
- Slackware linux 9.1.0
- Slackware linux -Current
- Suse novell_linux_desktop 9.0.0
- Suse novell_linux_pos 9
- Suse open-enterprise-server
- Suse opensuse 10.3
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse suse_linux_enterprise_desktop 10 SP2
- Suse suse_linux_enterprise_desktop 11
- Suse suse_linux_enterprise_sdk 10 SP2
- Suse suse_linux_enterprise_server 10 SP2
- Suse suse_linux_enterprise_server 11
- Suse suse_linux_enterprise_server 9
- Ubuntu ubuntu_linux 6.06 LTS Amd64
- Ubuntu ubuntu_linux 6.06 LTS I386
- Ubuntu ubuntu_linux 6.06 LTS Powerpc
- Ubuntu ubuntu_linux 6.06 LTS Sparc
- Ubuntu ubuntu_linux 8.04 LTS Amd64
- Ubuntu ubuntu_linux 8.04 LTS I386
- Ubuntu ubuntu_linux 8.04 LTS Lpia
- Ubuntu ubuntu_linux 8.04 LTS Powerpc
- Ubuntu ubuntu_linux 8.04 LTS Sparc
- Ubuntu ubuntu_linux 8.10 Amd64
- Ubuntu ubuntu_linux 8.10 I386
- Ubuntu ubuntu_linux 8.10 Lpia
- Ubuntu ubuntu_linux 8.10 Powerpc
- Ubuntu ubuntu_linux 8.10 Sparc
- Ubuntu ubuntu_linux 9.04 Amd64
- Ubuntu ubuntu_linux 9.04 I386
- Ubuntu ubuntu_linux 9.04 Lpia
- Ubuntu ubuntu_linux 9.04 Powerpc
- Ubuntu ubuntu_linux 9.04 Sparc
- Ubuntu ubuntu_linux 9.10 Amd64
- Ubuntu ubuntu_linux 9.10 I386
- Ubuntu ubuntu_linux 9.10 Lpia
- Ubuntu ubuntu_linux 9.10 Powerpc
- Ubuntu ubuntu_linux 9.10 Sparc
- Vmware esxi_server 4.0
- Vmware esx_server 3.0.3
- Vmware esx_server 3.5
- Vmware esx_server 4.0
- Vmware vcenter 4.0
- Vmware virtualcenter 2.0.2
- Vmware virtualcenter 2.5