Test Kennung:	1.3.6.1.4.1.25623.1.0.900694
Kategorie:	Buffer overflow
Titel:	ISC DHCP Client Buffer Overflow Vulnerability
Zusammenfassung:	ISC DHCP Client is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: ISC DHCP Client is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error within the 'script_write_params()' function in 'client/dhclient.c' which can be exploited to cause a stack-based buffer overflow by sending an overly long subnet-mask option. Vulnerability Impact: Successful exploitation allows attackers to run arbitrary code, corrupt memory, and can cause denial of service. Affected Software/OS: ISC DHCP dhclient 4.1 before 4.1.0p1 ISC DHCP dhclient 4.0 before 4.0.1p1 ISC DHCP dhclient 3.1 before 3.1.2p1 ISC DHCP dhclient all versions in 3.0 and 2.0 series. Solution: Upgrade to version 4.1.0p1, 4.0.1p1, or 3.1.2p1 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0692 BugTraq ID: 35668 http://www.securityfocus.com/bid/35668 CERT/CC vulnerability note: VU#410676 http://www.kb.cert.org/vuls/id/410676 Debian Security Information: DSA-1833 (Google Search) http://www.debian.org/security/2009/dsa-1833 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00340.html http://security.gentoo.org/glsa/glsa-200907-12.xml HPdes Security Advisory: HPSBMA02554 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 HPdes Security Advisory: SSRT100018 http://www.mandriva.com/security/advisories?name=MDVSA-2009:151 NETBSD Security Advisory: NetBSD-SA2009-010 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-010.txt.asc http://www.osvdb.org/55819 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5941 http://www.redhat.com/support/errata/RHSA-2009-1136.html http://www.redhat.com/support/errata/RHSA-2009-1154.html http://www.securitytracker.com/id?1022548 http://secunia.com/advisories/35785 http://secunia.com/advisories/35829 http://secunia.com/advisories/35830 http://secunia.com/advisories/35831 http://secunia.com/advisories/35832 http://secunia.com/advisories/35841 http://secunia.com/advisories/35849 http://secunia.com/advisories/35850 http://secunia.com/advisories/35851 http://secunia.com/advisories/35880 http://secunia.com/advisories/36457 http://secunia.com/advisories/37342 http://secunia.com/advisories/40551 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561471 SuSE Security Announcement: SUSE-SA:2009:037 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00003.html http://www.ubuntu.com/usn/usn-803-1 http://www.vupen.com/english/advisories/2009/1891 http://www.vupen.com/english/advisories/2010/1796
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.