Security Advisory Critical: dhcp security update

Advisory: RHSA-2009:1136-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-07-14
Last updated on: 2009-07-14
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20091136.xml
CVEs (cve.mitre.org): CVE-2009-0692

Details

Updated dhcp packages that fix a security issue are now available for Red
Hat Enterprise Linux 4 and 4.7 Extended Update Support.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

The Mandriva Linux Engineering Team discovered a stack-based buffer
overflow flaw in the ISC DHCP client. If the DHCP client were to receive a
malicious DHCP response, it could crash or execute arbitrary code with the
permissions of the client (root). (CVE-2009-0692)

Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm     95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm     88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm     8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm     1bad8b4e101f780b67b44702775830e2
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm     908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm     557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm     e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm     95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm     88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm     8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm     1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm     eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm     9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm     370b628051752284e32fb1c05c6e8e1b
 
PPC:
dhclient-3.0.1-65.el4_8.1.ppc.rpm     7b5fbcb83453ead314ad548f9172b498
dhcp-3.0.1-65.el4_8.1.ppc.rpm     6d771afd11cd6da71da8c83b446a007c
dhcp-devel-3.0.1-65.el4_8.1.ppc.rpm     e8b8fb071ffdc4b78b544155b27b989b
 
s390:
dhclient-3.0.1-65.el4_8.1.s390.rpm     f7eade2059f5883a723e62f97e7e53da
dhcp-3.0.1-65.el4_8.1.s390.rpm     d080097fa54558c69d06d40198c40de8
dhcp-devel-3.0.1-65.el4_8.1.s390.rpm     3731b37581d64308066295fd003b7acf
 
s390x:
dhclient-3.0.1-65.el4_8.1.s390x.rpm     b275401d075fd622bc8603a792c256da
dhcp-3.0.1-65.el4_8.1.s390x.rpm     071f1802fea8719433fb58c638ac2d8c
dhcp-devel-3.0.1-65.el4_8.1.s390x.rpm     c3336fe33b4f19bb3da359f45f74ce45
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm     908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm     557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm     e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
dhcp-3.0.1-62.el4_7.1.src.rpm     808d397cf12dc2c89acb57a844b8bb24
 
IA-32:
dhclient-3.0.1-62.el4_7.1.i386.rpm     947e2276ad40dce9211ce04795446357
dhcp-3.0.1-62.el4_7.1.i386.rpm     cb60ed47e7b7e71faa6a62eb9e2f0266
dhcp-devel-3.0.1-62.el4_7.1.i386.rpm     a9711c7197a62b54df3815f90130e6ca
 
IA-64:
dhclient-3.0.1-62.el4_7.1.ia64.rpm     0e09988b29b40837e954421b3de06dbe
dhcp-3.0.1-62.el4_7.1.ia64.rpm     1287aa95752f2fdab40583d6b4588d2b
dhcp-devel-3.0.1-62.el4_7.1.ia64.rpm     bb49a522a4d8d8f5fc3d018d6596876d
 
PPC:
dhclient-3.0.1-62.el4_7.1.ppc.rpm     0b97c986debd3408ebe137a26b836e4e
dhcp-3.0.1-62.el4_7.1.ppc.rpm     3c8ae331a8f38ede5ffb8d685b0ec2b7
dhcp-devel-3.0.1-62.el4_7.1.ppc.rpm     3b1b7f6899d4df151aa580e8f276eab2
 
s390:
dhclient-3.0.1-62.el4_7.1.s390.rpm     4eafd7f3eaa9131ba0471e0d85c4e319
dhcp-3.0.1-62.el4_7.1.s390.rpm     bd1d6b8d4526a3ecb2252d91b1aa4073
dhcp-devel-3.0.1-62.el4_7.1.s390.rpm     d27770c588c3549d277a588ee2b8ba22
 
s390x:
dhclient-3.0.1-62.el4_7.1.s390x.rpm     be3e4c67029255238c2678cf2bbd37c1
dhcp-3.0.1-62.el4_7.1.s390x.rpm     fa6f86326e2b355012f5dc8c37d50948
dhcp-devel-3.0.1-62.el4_7.1.s390x.rpm     a3c887e9c0df757d61dec067e6748514
 
x86_64:
dhclient-3.0.1-62.el4_7.1.x86_64.rpm     00f95be42a81bbdad7231712a892fe7f
dhcp-3.0.1-62.el4_7.1.x86_64.rpm     59f8e715a188e6283c61ffb7bb4e744f
dhcp-devel-3.0.1-62.el4_7.1.x86_64.rpm     edb5259fc7583742d71f56f5ffd056fb
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm     95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm     88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm     8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm     1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm     eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm     9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm     370b628051752284e32fb1c05c6e8e1b
 
PPC:
dhclient-3.0.1-65.el4_8.1.ppc.rpm     7b5fbcb83453ead314ad548f9172b498
dhcp-3.0.1-65.el4_8.1.ppc.rpm     6d771afd11cd6da71da8c83b446a007c
dhcp-devel-3.0.1-65.el4_8.1.ppc.rpm     e8b8fb071ffdc4b78b544155b27b989b
 
s390:
dhclient-3.0.1-65.el4_8.1.s390.rpm     f7eade2059f5883a723e62f97e7e53da
dhcp-3.0.1-65.el4_8.1.s390.rpm     d080097fa54558c69d06d40198c40de8
dhcp-devel-3.0.1-65.el4_8.1.s390.rpm     3731b37581d64308066295fd003b7acf
 
s390x:
dhclient-3.0.1-65.el4_8.1.s390x.rpm     b275401d075fd622bc8603a792c256da
dhcp-3.0.1-65.el4_8.1.s390x.rpm     071f1802fea8719433fb58c638ac2d8c
dhcp-devel-3.0.1-65.el4_8.1.s390x.rpm     c3336fe33b4f19bb3da359f45f74ce45
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm     908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm     557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm     e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm     95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm     88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm     8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm     1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm     eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm     9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm     370b628051752284e32fb1c05c6e8e1b
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm     908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm     557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm     e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
dhcp-3.0.1-62.el4_7.1.src.rpm     808d397cf12dc2c89acb57a844b8bb24
 
IA-32:
dhclient-3.0.1-62.el4_7.1.i386.rpm     947e2276ad40dce9211ce04795446357
dhcp-3.0.1-62.el4_7.1.i386.rpm     cb60ed47e7b7e71faa6a62eb9e2f0266
dhcp-devel-3.0.1-62.el4_7.1.i386.rpm     a9711c7197a62b54df3815f90130e6ca
 
IA-64:
dhclient-3.0.1-62.el4_7.1.ia64.rpm     0e09988b29b40837e954421b3de06dbe
dhcp-3.0.1-62.el4_7.1.ia64.rpm     1287aa95752f2fdab40583d6b4588d2b
dhcp-devel-3.0.1-62.el4_7.1.ia64.rpm     bb49a522a4d8d8f5fc3d018d6596876d
 
x86_64:
dhclient-3.0.1-62.el4_7.1.x86_64.rpm     00f95be42a81bbdad7231712a892fe7f
dhcp-3.0.1-62.el4_7.1.x86_64.rpm     59f8e715a188e6283c61ffb7bb4e744f
dhcp-devel-3.0.1-62.el4_7.1.x86_64.rpm     edb5259fc7583742d71f56f5ffd056fb
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm     95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm     88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm     8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm     1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm     eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm     9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm     370b628051752284e32fb1c05c6e8e1b
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm     908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm     557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm     e7a425ad71eadbb7de9561ecf40c1608
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
dhcp-3.0.1-65.el4_8.1.src.rpm     95695bf71f04b832f893572251a603a2
 
IA-32:
dhclient-3.0.1-65.el4_8.1.i386.rpm     88e584cae71d8a01383fd07db0ca7a8e
dhcp-3.0.1-65.el4_8.1.i386.rpm     8c128a7bd13781d1ef779118aed76fff
dhcp-devel-3.0.1-65.el4_8.1.i386.rpm     1bad8b4e101f780b67b44702775830e2
 
IA-64:
dhclient-3.0.1-65.el4_8.1.ia64.rpm     eb0cb068c116517f788de30805981733
dhcp-3.0.1-65.el4_8.1.ia64.rpm     9e309393fed4433974c34f45328cec90
dhcp-devel-3.0.1-65.el4_8.1.ia64.rpm     370b628051752284e32fb1c05c6e8e1b
 
x86_64:
dhclient-3.0.1-65.el4_8.1.x86_64.rpm     908a164936f46ea7f8bf8f0477eceabc
dhcp-3.0.1-65.el4_8.1.x86_64.rpm     557704ce9c241fce3434acc99975984c
dhcp-devel-3.0.1-65.el4_8.1.x86_64.rpm     e7a425ad71eadbb7de9561ecf40c1608
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

507717 - CVE-2009-0692 dhclient: stack overflow leads to arbitrary code execution as root


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/