Rapid7 Vulnerability & Exploit Database

RHSA-2011:0428: dhcp security update


Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
04/08/2011
Created
07/25/2018
Added
04/19/2011
Modified
07/04/2017

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.

It was discovered that the DHCP client daemon, dhclient, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. (CVE-2011-0997)

Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for reporting this issue.

All dhclient users should upgrade to these updated packages, which contain a backported patch to correct this issue.
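As an added illustration (not part of the Rapid7 record or of the dhcp package's own code), this is the kind of strict validation a DHCP client can apply to a server-supplied host-name option before the value is stored where another process might evaluate it; the option name `host-name` and the sample values are constructed assumptions.

```python
import re
from typing import Optional

# Constructed example of the defensive check the advisory implies: accept only
# RFC 1123 host names so that a crafted option value never reaches a process
# that treats it as trusted input.

# One label: letters/digits, optional inner hyphens, 1-63 characters,
# not starting or ending with a hyphen.
_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def is_valid_hostname(value: str) -> bool:
    """Return True only for dot-separated RFC 1123 labels, at most 253 chars."""
    if not value or len(value) > 253:
        return False
    return all(_LABEL.match(label) for label in value.split("."))


def sanitize_dhcp_option(name: str, raw: bytes) -> Optional[str]:
    """Decode an option value as ASCII; for host-name options enforce the
    strict syntax. Returns None when the value must be discarded."""
    try:
        value = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    if name == "host-name":
        return value if is_valid_hostname(value) else None
    return value


# Constructed sample replies: one benign value and three that carry characters
# a shell or configuration parser could interpret if the value were trusted.
SAMPLE_OPTIONS = {
    "benign": b"workstation-42.example.net",
    "shell-metachars": b"host; echo injected",
    "newline": b"host\nextra-line",
    "leading-hyphen": b"-badlabel.example.net",
}


def check_samples() -> dict:
    """Run every constructed sample through the host-name sanitizer."""
    return {k: sanitize_dhcp_option("host-name", v) for k, v in SAMPLE_OPTIONS.items()}
```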

Solution(s)

  • redhat-upgrade-dhclient
  • redhat-upgrade-dhcp
  • redhat-upgrade-dhcp-debuginfo
  • redhat-upgrade-dhcp-devel
  • redhat-upgrade-libdhcp4client
  • redhat-upgrade-libdhcp4client-devel
