LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 15th, 2014
Linux Advisory Watch: August 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: dhcp3 multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian The Internet Software Consortium discoverd several vulnerabilities during an audit of the ISC DHCP Daemon.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 231-1                     security@debian.org 
http://www.debian.org/security/                             Martin Schulze
January 17th, 2003                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : dhcp3
Vulnerability  : stack overflows
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0026
CERT advisory  : VU#284857 CA-2003-01

The Internet Software Consortium discoverd several vulnerabilities
during an audit of the ISC DHCP Daemon.  The vulnerabilities exist in
error handling routines within the minires library and may be
exploitable as stack overflows.  This could allow a remote attacker to
execute arbitrary code under the user id the dhcpd runs under, usually
root.  Other DHCP servers than dhcp3 doesn't seem to be affected.

For the stable distribution (woody) this problem has been
fixed in version 3.0+3.0.1rc9-2.1.

The old stable distribution (potato) does not contain dhcp3 packages.

For the unstable distribution (sid) this problem has been fixed in
version 3.0+3.0.1rc11-1.

We recommend that you upgrade your dhcp3-server package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0+3.0.1rc9-2.1.dsc
      Size/MD5 checksum:      730 37209f2e8ff29f9d38e4f812183a8321
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0+3.0.1rc9-2.1.diff.gz
      Size/MD5 checksum:    23781 d6b2e0bcf1b32d52423202ae5f988cf6
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0+3.0.1rc9.orig.tar.gz
      Size/MD5 checksum:   809803 3cc4758e5a59362315393a1874dfcb21

  Alpha architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_alpha.deb
      Size/MD5 checksum:   416508 773f104e93a351675621d4b812dedb0d
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_alpha.deb
      Size/MD5 checksum:   216042 2a7c64e688ca68bf0b227334ba2d7833
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_alpha.deb
      Size/MD5 checksum:   106842 9020774e6cdc310a3a3cf2a42ba58d63
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_alpha.deb
      Size/MD5 checksum:   287082 189f63d99acb438981c10800d7783d44
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_alpha.deb
      Size/MD5 checksum:   526816 08d076cefd29fa5e0055fda006cac383

  ARM architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_arm.deb
      Size/MD5 checksum:   386804 842b5eb5de805516022bada7f0094822
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_arm.deb
      Size/MD5 checksum:   188558 5dbbd9b9ab025f52024b19627bfbdc72
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_arm.deb
      Size/MD5 checksum:    93316 57bfc9321b7d10ae70ec6214d59bcb2f
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_arm.deb
      Size/MD5 checksum:   273220 6a99a3da6a633477ae430d92f68f2184
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_arm.deb
      Size/MD5 checksum:   484438 677cd67a76fc9814fe2a7c3ca4a1a492

  Intel IA-32 architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_i386.deb
      Size/MD5 checksum:   375234 eadc1375ff236a3f6fd831340fa23bb2
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_i386.deb
      Size/MD5 checksum:   178496 afd9dda61da369a5ff76b15803fd4136
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_i386.deb
      Size/MD5 checksum:    82020 6137706b46e9b5d0f8d85bf0188f2050
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_i386.deb
      Size/MD5 checksum:   269162 289c850ffa01157b09537ec57bf25d0c
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_i386.deb
      Size/MD5 checksum:   465074 fae064fc37dede8a61bf836248e97e34

  Intel IA-64 architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_ia64.deb
      Size/MD5 checksum:   549968 cf516c3021a7a9467d0bd5e8bc5467c4
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_ia64.deb
      Size/MD5 checksum:   339122 abfcc44debcca325e01b76031536bacd
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_ia64.deb
      Size/MD5 checksum:   134170 d2683f5f882b01422dab6ee93983c0a5
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_ia64.deb
      Size/MD5 checksum:   348612 97101d3f841d5509f61664e27158cf23
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_ia64.deb
      Size/MD5 checksum:   701398 5bc9980f56c7830a04f21bfedb228959

  HP Precision architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_hppa.deb
      Size/MD5 checksum:   384788 f733a3a7db9c641cff4594212f275984
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_hppa.deb
      Size/MD5 checksum:   188118 5928747afeb44dfd8cfd8e02c332068f
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_hppa.deb
      Size/MD5 checksum:    92962 2044c3e40799aeb2d328b6084d611016
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_hppa.deb
      Size/MD5 checksum:   274626 cba0f35f3a64f21ee4f6d913bb3fa293
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_hppa.deb
      Size/MD5 checksum:   477908 58ca5c2bc695aaccfea6052e37767dec

  Motorola 680x0 architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_m68k.deb
      Size/MD5 checksum:   364506 a78a9398f67bbf9083958cc98b2298a5
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_m68k.deb
      Size/MD5 checksum:   168460 9ca486cd937a27d066fd33af2fa448c9
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_m68k.deb
      Size/MD5 checksum:    79196 fce453cdd71d77bbb8a69af8e03fe24b
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_m68k.deb
      Size/MD5 checksum:   264088 6b2a21514111f691e382711a488c2121
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_m68k.deb
      Size/MD5 checksum:   451034 c26bf487dec970ea2eb77d7420574b31

  Big endian MIPS architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_mips.deb
      Size/MD5 checksum:   397524 fda141ea4a15b1ac3bd556d182cc77f2
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_mips.deb
      Size/MD5 checksum:   198432 c44d48cb08d6645f4d371575e0c65497
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_mips.deb
      Size/MD5 checksum:    94642 0a0b958f68e4e1c476db1c5cd71ff84e
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_mips.deb
      Size/MD5 checksum:   281424 f01760c830e76d99c0d3dff61f41474c
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_mips.deb
      Size/MD5 checksum:   496270 84398a69046aad6340b0235fffae8f64

  Little endian MIPS architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_mipsel.deb
      Size/MD5 checksum:   397100 1cf221ff34d407a50ff39947578141b4
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_mipsel.deb
      Size/MD5 checksum:   197736 eb08eba8000fba3315df4e940f520e40
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_mipsel.deb
      Size/MD5 checksum:    94786 99c4b8f8cc0d9849bf72e3d43b5e4f87
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_mipsel.deb
      Size/MD5 checksum:   281390 96e869af7f9d8e008fcde2269d676f45
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_mipsel.deb
      Size/MD5 checksum:   495938 d3c899c409c26461e80c85aff382d3e4

  PowerPC architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_powerpc.deb
      Size/MD5 checksum:   374958 6f37a18a820304e9ef9ed120b14e69c6
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_powerpc.deb
      Size/MD5 checksum:   178404 502b47d01b6ad7d1c74aa9080edf1f8f
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_powerpc.deb
      Size/MD5 checksum:    91016 1970d5daa075c804d17c39ae6e376255
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_powerpc.deb
      Size/MD5 checksum:   269668 494ebd8a9950a30ac5e013d41e6a0457
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_powerpc.deb
      Size/MD5 checksum:   466796 3588ff1f5d220f236323aaebb61988b2

  IBM S/390 architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_s390.deb
      Size/MD5 checksum:   374752 f1a1624c38f20ace387730b3cdb71257
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_s390.deb
      Size/MD5 checksum:   177730 00faaea3e1a30546324b248b92980857
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_s390.deb
      Size/MD5 checksum:    82992 9c1b2a9abadce85355d43e9a6cd1d0bb
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_s390.deb
      Size/MD5 checksum:   270624 03c36acf2b87cab9fcea4a39f0ec329f
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_s390.deb
      Size/MD5 checksum:   465288 2937d4f9c371bd72409e8c9216d145e9

  Sun Sparc architecture:

     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_sparc.deb
      Size/MD5 checksum:   375362 69a5e5399e2a980e182405c63525c792
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_sparc.deb
      Size/MD5 checksum:   178340 fd6d34c44429e67dd1661ee5f3563748
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_sparc.deb
      Size/MD5 checksum:    87262 77c318418e23c496bfbeb351075a8909
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_sparc.deb
      Size/MD5 checksum:   271132 c95e510874e1b1de7d3cec63c2a43887
     http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_sparc.deb
      Size/MD5 checksum:   465422 7d42532c3ecc241a5ec81215f3ad22d6


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb  http://security.debian.org/ stable/updates main
For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders, Research Finds
Linux Kernel Development Gets Two-Factor Authentication
Hacking cars and traffic lights at Def Con
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.