Skip to navigation

Security Advisory Critical: dhcp security update

Advisory: RHSA-2009:1136-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-07-14
Last updated on: 2009-07-14
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-0692

Details

Updated dhcp packages that fix a security issue are now available for Red
Hat Enterprise Linux 4 and 4.7 Extended Update Support.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

The Mandriva Linux Engineering Team discovered a stack-based buffer
overflow flaw in the ISC DHCP client. If the DHCP client were to receive a
malicious DHCP response, it could crash or execute arbitrary code with the
permissions of the client (root). (CVE-2009-0692)

Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1160
    MD5: 95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 1bad8b4e101f780b67b44702775830e2
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1160
    MD5: 95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 370b628051752284e32fb1c05c6e8e1b
 
PPC:
dhclient-3.0.1-65.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1160
    MD5: 7b5fbcb83453ead314ad548f9172b498
dhcp-3.0.1-65.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1160
    MD5: 6d771afd11cd6da71da8c83b446a007c
dhcp-devel-3.0.1-65.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1160
    MD5: e8b8fb071ffdc4b78b544155b27b989b
 
s390:
dhclient-3.0.1-65.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1160
    MD5: f7eade2059f5883a723e62f97e7e53da
dhcp-3.0.1-65.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1160
    MD5: d080097fa54558c69d06d40198c40de8
dhcp-devel-3.0.1-65.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1160
    MD5: 3731b37581d64308066295fd003b7acf
 
s390x:
dhclient-3.0.1-65.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1160
    MD5: b275401d075fd622bc8603a792c256da
dhcp-3.0.1-65.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1160
    MD5: 071f1802fea8719433fb58c638ac2d8c
dhcp-devel-3.0.1-65.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1160
    MD5: c3336fe33b4f19bb3da359f45f74ce45
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
dhcp-3.0.1-62.el4_7.1.src.rpm     MD5: 808d397cf12dc2c89acb57a844b8bb24
 
IA-32:
dhclient-3.0.1-62.el4_7.1.i386.rpm     MD5: 947e2276ad40dce9211ce04795446357
dhcp-3.0.1-62.el4_7.1.i386.rpm     MD5: cb60ed47e7b7e71faa6a62eb9e2f0266
dhcp-devel-3.0.1-62.el4_7.1.i386.rpm     MD5: a9711c7197a62b54df3815f90130e6ca
 
IA-64:
dhclient-3.0.1-62.el4_7.1.ia64.rpm     MD5: 0e09988b29b40837e954421b3de06dbe
dhcp-3.0.1-62.el4_7.1.ia64.rpm     MD5: 1287aa95752f2fdab40583d6b4588d2b
dhcp-devel-3.0.1-62.el4_7.1.ia64.rpm     MD5: bb49a522a4d8d8f5fc3d018d6596876d
 
PPC:
dhclient-3.0.1-62.el4_7.1.ppc.rpm     MD5: 0b97c986debd3408ebe137a26b836e4e
dhcp-3.0.1-62.el4_7.1.ppc.rpm     MD5: 3c8ae331a8f38ede5ffb8d685b0ec2b7
dhcp-devel-3.0.1-62.el4_7.1.ppc.rpm     MD5: 3b1b7f6899d4df151aa580e8f276eab2
 
s390:
dhclient-3.0.1-62.el4_7.1.s390.rpm     MD5: 4eafd7f3eaa9131ba0471e0d85c4e319
dhcp-3.0.1-62.el4_7.1.s390.rpm     MD5: bd1d6b8d4526a3ecb2252d91b1aa4073
dhcp-devel-3.0.1-62.el4_7.1.s390.rpm     MD5: d27770c588c3549d277a588ee2b8ba22
 
s390x:
dhclient-3.0.1-62.el4_7.1.s390x.rpm     MD5: be3e4c67029255238c2678cf2bbd37c1
dhcp-3.0.1-62.el4_7.1.s390x.rpm     MD5: fa6f86326e2b355012f5dc8c37d50948
dhcp-devel-3.0.1-62.el4_7.1.s390x.rpm     MD5: a3c887e9c0df757d61dec067e6748514
 
x86_64:
dhclient-3.0.1-62.el4_7.1.x86_64.rpm     MD5: 00f95be42a81bbdad7231712a892fe7f
dhcp-3.0.1-62.el4_7.1.x86_64.rpm     MD5: 59f8e715a188e6283c61ffb7bb4e744f
dhcp-devel-3.0.1-62.el4_7.1.x86_64.rpm     MD5: edb5259fc7583742d71f56f5ffd056fb
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1160
    MD5: 95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:0428
    MD5: 88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:0428
    MD5: 8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:0428
    MD5: 1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:0428
    MD5: eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 370b628051752284e32fb1c05c6e8e1b
 
PPC:
dhclient-3.0.1-65.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:0428
    MD5: 7b5fbcb83453ead314ad548f9172b498
dhcp-3.0.1-65.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:0428
    MD5: 6d771afd11cd6da71da8c83b446a007c
dhcp-devel-3.0.1-65.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:0428
    MD5: e8b8fb071ffdc4b78b544155b27b989b
 
s390:
dhclient-3.0.1-65.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:0428
    MD5: f7eade2059f5883a723e62f97e7e53da
dhcp-3.0.1-65.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:0428
    MD5: d080097fa54558c69d06d40198c40de8
dhcp-devel-3.0.1-65.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:0428
    MD5: 3731b37581d64308066295fd003b7acf
 
s390x:
dhclient-3.0.1-65.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:0428
    MD5: b275401d075fd622bc8603a792c256da
dhcp-3.0.1-65.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:0428
    MD5: 071f1802fea8719433fb58c638ac2d8c
dhcp-devel-3.0.1-65.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:0428
    MD5: c3336fe33b4f19bb3da359f45f74ce45
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:0428
    MD5: e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1160
    MD5: 95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 370b628051752284e32fb1c05c6e8e1b
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
dhcp-3.0.1-62.el4_7.1.src.rpm     MD5: 808d397cf12dc2c89acb57a844b8bb24
 
IA-32:
dhclient-3.0.1-62.el4_7.1.i386.rpm     MD5: 947e2276ad40dce9211ce04795446357
dhcp-3.0.1-62.el4_7.1.i386.rpm     MD5: cb60ed47e7b7e71faa6a62eb9e2f0266
dhcp-devel-3.0.1-62.el4_7.1.i386.rpm     MD5: a9711c7197a62b54df3815f90130e6ca
 
IA-64:
dhclient-3.0.1-62.el4_7.1.ia64.rpm     MD5: 0e09988b29b40837e954421b3de06dbe
dhcp-3.0.1-62.el4_7.1.ia64.rpm     MD5: 1287aa95752f2fdab40583d6b4588d2b
dhcp-devel-3.0.1-62.el4_7.1.ia64.rpm     MD5: bb49a522a4d8d8f5fc3d018d6596876d
 
x86_64:
dhclient-3.0.1-62.el4_7.1.x86_64.rpm     MD5: 00f95be42a81bbdad7231712a892fe7f
dhcp-3.0.1-62.el4_7.1.x86_64.rpm     MD5: 59f8e715a188e6283c61ffb7bb4e744f
dhcp-devel-3.0.1-62.el4_7.1.x86_64.rpm     MD5: edb5259fc7583742d71f56f5ffd056fb
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1160
    MD5: 95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:0428
    MD5: 88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:0428
    MD5: 8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:0428
    MD5: 1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:0428
    MD5: eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 370b628051752284e32fb1c05c6e8e1b
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:0428
    MD5: 557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:0428
    MD5: e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1160
    MD5: 95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1160
    MD5: 1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 370b628051752284e32fb1c05c6e8e1b
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: 557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1160
    MD5: e7a425ad71eadbb7de9561ecf40c1608
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

507717 - CVE-2009-0692 dhclient: stack overflow leads to arbitrary code execution as root


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/