DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2009-0041

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2009-0041-1

Published: 2009-03-12

Products

rPath Linux 1
rPath Linux 2

Rating

Critical

Exposure Level Classification

Remote Root Deterministic Denial of Service

Updated Versions

dhclient=conary.rpath.com@rpl:1/3.0.7-0.4-1
dhclient=conary.rpath.com@rpl:2/3.1.2-0.2-1
dhcp=conary.rpath.com@rpl:1/3.0.7-0.4-1
dhcp=conary.rpath.com@rpl:2/3.1.2-0.2-1
libdhcp4client=conary.rpath.com@rpl:2/3.1.2-0.2-1

rPath Issue Tracking System

RPL-2987

References

CVE-2007-0062

Description

Previous versions of the ISC DHCP server were vulnerable to denial

of service or arbitrary code execution attacks via malformed DHCP

packets with a large dhcp-max-message-size that trigger a

stack-based buffer overflow.

Note that rPath Linux 2 is susceptible only to a Denial of Service

in this case, due to the stack protector feature enabled as part of

rPath Linux 2.

Copyright 2009 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0041"

Categories: Support Issue | Advisories