ISC DHCP客户端缓冲区溢出漏洞

漏洞信息详情

ISC DHCP客户端缓冲区溢出漏洞

• CNNVD编号：CNNVD-200006-098
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2000-0585
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2000-06-24
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  isc
• 漏洞来源：
  First discussed on…

ISC DHCP客户端程序dhclient存在漏洞。远程攻击者借助shell元字符可以执行任意命令。

The newest patched versions are 2.0pl3 and 3.0b1pl17. Previous patches (2.0pl1 and 3.0b1pl14) did not completely fix this vulnerability.
FTP: ftp://ftp.isc.org/isc/dhcp
Anonymous CVS:
http://www.isc.org/products/DHCP/anoncvs.html.
An upgrade to FreeBSD 4.1 should resolve this problem. Below are patches for ports version of ISC dhcp:

FreeBSD FreeBSD 4.0

• FreeBSD ports-4 i386 isc-dhcp3
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/isc
  -dhcp3-3.0.b1.17.tgz

Turbolinux Turbolinux 6.0.5

• Turbolinux 6.1 i386 dhcp-2.0pl5-2.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-2.0pl5-2.i386.r
  pm
• Turbolinux 6.1 i386 dhcp-client-2.0pl5-2.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-client-2.0pl5-2
  .i386.rpm

Turbolinux Turbolinux 6.1

• Turbolinux 6.1 i386 dhcp-2.0pl5-2.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-2.0pl5-2.i386.r
  pm
• Turbolinux 6.1 i386 dhcp-client-2.0pl5-2.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-client-2.0pl5-2
  .i386.rpm

来源: XF
名称: openbsd-isc-dhcp
链接:http://xforce.iss.net/static/4772.php

来源: BUGTRAQ
名称: 20000624 Possible root exploit in ISC DHCP client.
链接:http://archives.neohapsis.com/archives/bugtraq/2000-06/0247.html

来源: BID
名称: 1388
链接:http://www.securityfocus.com/bid/1388

来源: SUSE
名称: 20000711 Security Hole in dhclient < 2.0
链接:http://www.novell.com/linux/security/advisories/suse_security_announce_56.html

来源: DEBIAN
名称: 20000628 dhcp client: remote root exploit in dhcp client
链接:http://www.debian.org/security/2000/20000628

来源: BUGTRAQ
名称: 20000702 [Security Announce] dhcp update
链接:http://archives.neohapsis.com/archives/bugtraq/2000-07/0014.html

来源: NETBSD
名称: NetBSD-SA2000-008
链接:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-008.txt.asc

来源: FREEBSD
名称: FreeBSD-SA-00:34
链接:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:34.dhclient.asc