Security Advisory Critical: dhcp security update

Advisory: RHSA-2009:1154-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-07-14
Last updated on: 2009-07-14
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
CVEs (cve.mitre.org): CVE-2009-0692
CVE-2009-1893

Details

Updated dhcp packages that fix two security issues are now available for
Red Hat Enterprise Linux 3.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

The Mandriva Linux Engineering Team discovered a stack-based buffer
overflow flaw in the ISC DHCP client. If the DHCP client were to receive a
malicious DHCP response, it could crash or execute arbitrary code with the
permissions of the client (root). (CVE-2009-0692)

An insecure temporary file use flaw was discovered in the DHCP daemon's
init script ("/etc/init.d/dhcpd"). A local attacker could use this flaw to
overwrite an arbitrary file with the output of the "dhcpd -t" command via
a symbolic link attack, if a system administrator executed the DHCP init
script with the "configtest", "restart", or "reload" option.
(CVE-2009-1893)
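
The temporary-file flaw above comes down to redirecting command output to a guessable name in a shared directory. The following is an added example, not the Red Hat init script or its patch: a fixed-name pattern beside an mktemp-based one, with a check that runs in a private sandbox. Here check_cmd stands in for "dhcpd -t", and every path and function name is hypothetical.

```shell
#!/bin/sh
# Added illustration; not the Red Hat init script. check_cmd stands in for
# "dhcpd -t"; file names and function names are hypothetical.

check_cmd() { echo "constructed config-test output"; }

# Weak pattern: fixed, guessable name in a shared directory. The shell's ">"
# follows a symbolic link that already exists at that name.
configtest_unsafe() {
    dir=$1
    check_cmd > "$dir/dhcpd-configtest.out" 2>&1
    rm -f "$dir/dhcpd-configtest.out"
}

# Hardened pattern: mktemp picks an unpredictable name and creates the file
# exclusively with mode 0600, so a pre-existing link is never opened.
configtest_safe() {
    dir=$1
    tmp=$(mktemp "$dir/dhcpd-configtest.XXXXXX") || return 1
    check_cmd > "$tmp" 2>&1
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Regression check inside a private sandbox: prints "clobbered" or "intact".
symlink_check() {
    fn=$1
    box=$(mktemp -d) || return 1
    mkdir "$box/tmp"
    echo "important data" > "$box/target"
    # Constructed condition: a link already sits at the fixed name.
    ln -s "$box/target" "$box/tmp/dhcpd-configtest.out"
    "$fn" "$box/tmp"
    if [ "$(cat "$box/target")" = "important data" ]; then
        result=intact
    else
        result=clobbered
    fi
    rm -rf "$box"
    echo "$result"
}

echo "fixed name: $(symlink_check configtest_unsafe)"
echo "mktemp:     $(symlink_check configtest_safe)"
```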

Users of DHCP should upgrade to these updated packages, which contain
backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/SRPMS/dhcp-3.0.1-10.2_EL3.src.rpm
    MD5: 269d479e386d37c6091a156b567c26ca
 
IA-32:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/i386/dhclient-3.0.1-10.2_EL3.i386.rpm
    MD5: cd4472e15aa2559cef4f8882fa3f3310
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/i386/dhcp-3.0.1-10.2_EL3.i386.rpm
    MD5: b1fa4f542e67c24195d9e7c5b4fe4ae4
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/i386/dhcp-devel-3.0.1-10.2_EL3.i386.rpm
    MD5: 69bf1686adbaddfe49d08e7d83fa866e
 
x86_64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/x86_64/dhclient-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 9fb0dbfc67a4ff731e7f69ac6e419483
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/x86_64/dhcp-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 04de0ab21e4b522c2eb862e5af1c9580
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/x86_64/dhcp-devel-3.0.1-10.2_EL3.x86_64.rpm
    MD5: fcf421ba8cae6ffebf596b11b046652a
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/SRPMS/dhcp-3.0.1-10.2_EL3.src.rpm
    MD5: 269d479e386d37c6091a156b567c26ca
 
IA-32:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/i386/dhclient-3.0.1-10.2_EL3.i386.rpm
    MD5: cd4472e15aa2559cef4f8882fa3f3310
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/i386/dhcp-3.0.1-10.2_EL3.i386.rpm
    MD5: b1fa4f542e67c24195d9e7c5b4fe4ae4
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/i386/dhcp-devel-3.0.1-10.2_EL3.i386.rpm
    MD5: 69bf1686adbaddfe49d08e7d83fa866e
 
IA-64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/ia64/dhclient-3.0.1-10.2_EL3.ia64.rpm
    MD5: aa9c13045f343a35b328cd2f264797fb
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/ia64/dhcp-3.0.1-10.2_EL3.ia64.rpm
    MD5: 44b8bea9a8db29489e6d8b9002507d79
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/ia64/dhcp-devel-3.0.1-10.2_EL3.ia64.rpm
    MD5: 1f4dec37918332f41649b8e6d08d5cb1
 
PPC:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/ppc/dhclient-3.0.1-10.2_EL3.ppc.rpm
    MD5: 0c010e288a91775149a2446ac948036f
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/ppc/dhcp-3.0.1-10.2_EL3.ppc.rpm
    MD5: 72f1a0db2e6799fc03fb11000753b7d1
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/ppc/dhcp-devel-3.0.1-10.2_EL3.ppc.rpm
    MD5: e70c9aeeb59ef0f0a7dd8886b0b53156
 
s390:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/s390/dhclient-3.0.1-10.2_EL3.s390.rpm
    MD5: 5e38b48748bb5fe744f0ab2b80ad5bcc
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/s390/dhcp-3.0.1-10.2_EL3.s390.rpm
    MD5: 467049461c05d1f347436a1130898681
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/s390/dhcp-devel-3.0.1-10.2_EL3.s390.rpm
    MD5: c3b2967a13dd224eb961091246f4ca08
 
s390x:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/s390x/dhclient-3.0.1-10.2_EL3.s390x.rpm
    MD5: a7948644d87ab915efc165f82e373674
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/s390x/dhcp-3.0.1-10.2_EL3.s390x.rpm
    MD5: 181faabe165773884ae97da6f17a3984
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/s390x/dhcp-devel-3.0.1-10.2_EL3.s390x.rpm
    MD5: d94ac4f5419eb9575f8d023bd647cb4d
 
x86_64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/x86_64/dhclient-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 9fb0dbfc67a4ff731e7f69ac6e419483
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/x86_64/dhcp-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 04de0ab21e4b522c2eb862e5af1c9580
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/x86_64/dhcp-devel-3.0.1-10.2_EL3.x86_64.rpm
    MD5: fcf421ba8cae6ffebf596b11b046652a
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/SRPMS/dhcp-3.0.1-10.2_EL3.src.rpm
    MD5: 269d479e386d37c6091a156b567c26ca
 
IA-32:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/i386/dhclient-3.0.1-10.2_EL3.i386.rpm
    MD5: cd4472e15aa2559cef4f8882fa3f3310
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/i386/dhcp-3.0.1-10.2_EL3.i386.rpm
    MD5: b1fa4f542e67c24195d9e7c5b4fe4ae4
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/i386/dhcp-devel-3.0.1-10.2_EL3.i386.rpm
    MD5: 69bf1686adbaddfe49d08e7d83fa866e
 
IA-64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/ia64/dhclient-3.0.1-10.2_EL3.ia64.rpm
    MD5: aa9c13045f343a35b328cd2f264797fb
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/ia64/dhcp-3.0.1-10.2_EL3.ia64.rpm
    MD5: 44b8bea9a8db29489e6d8b9002507d79
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/ia64/dhcp-devel-3.0.1-10.2_EL3.ia64.rpm
    MD5: 1f4dec37918332f41649b8e6d08d5cb1
 
x86_64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/x86_64/dhclient-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 9fb0dbfc67a4ff731e7f69ac6e419483
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/x86_64/dhcp-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 04de0ab21e4b522c2eb862e5af1c9580
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/x86_64/dhcp-devel-3.0.1-10.2_EL3.x86_64.rpm
    MD5: fcf421ba8cae6ffebf596b11b046652a
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/SRPMS/dhcp-3.0.1-10.2_EL3.src.rpm
    MD5: 269d479e386d37c6091a156b567c26ca
 
IA-32:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/i386/dhclient-3.0.1-10.2_EL3.i386.rpm
    MD5: cd4472e15aa2559cef4f8882fa3f3310
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/i386/dhcp-3.0.1-10.2_EL3.i386.rpm
    MD5: b1fa4f542e67c24195d9e7c5b4fe4ae4
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/i386/dhcp-devel-3.0.1-10.2_EL3.i386.rpm
    MD5: 69bf1686adbaddfe49d08e7d83fa866e
 
IA-64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/ia64/dhclient-3.0.1-10.2_EL3.ia64.rpm
    MD5: aa9c13045f343a35b328cd2f264797fb
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/ia64/dhcp-3.0.1-10.2_EL3.ia64.rpm
    MD5: 44b8bea9a8db29489e6d8b9002507d79
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/ia64/dhcp-devel-3.0.1-10.2_EL3.ia64.rpm
    MD5: 1f4dec37918332f41649b8e6d08d5cb1
 
x86_64:
ftp://updates.redhat.com/rhn/public/NULL/dhclient/3.0.1-10.2_EL3/x86_64/dhclient-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 9fb0dbfc67a4ff731e7f69ac6e419483
ftp://updates.redhat.com/rhn/public/NULL/dhcp/3.0.1-10.2_EL3/x86_64/dhcp-3.0.1-10.2_EL3.x86_64.rpm
    MD5: 04de0ab21e4b522c2eb862e5af1c9580
ftp://updates.redhat.com/rhn/public/NULL/dhcp-devel/3.0.1-10.2_EL3/x86_64/dhcp-devel-3.0.1-10.2_EL3.x86_64.rpm
    MD5: fcf421ba8cae6ffebf596b11b046652a
 

Bugs fixed (see bugzilla for more information)

507717 - CVE-2009-0692 dhclient: stack overflow leads to arbitrary code execution as root
510024 - CVE-2009-1893 dhcp: insecure temporary file use in the dhcpd init script



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/