ISC DHCP server fails to handle zero-length client identifier

Overview

A vulnerability in ISC DHCP could allow a remote attacker to cause the DHCP server to exit, resulting in a denial of service.

Description

ISC DHCP is a commonly redistributed reference implementation of the Dynamic Host Configuration Protocol (DHCP), including a server, client, and relay agent. The server component contains a fencepost error in the way that it handles client identifiers. As a result, a request from a client system containing a zero-length client id will cause the server to exit.

ISC indicates that this vulnerability affects ISC-DHCP versions 4.0.x, 4.1.x, and 4.2.x but not 3.1.x. We are aware of publicly available exploit code for this vulnerability.

---

Impact

A remote unauthenticated attacker may cause the DHCP server to exit, thereby causing a denial of service.

---

Solution

Upgrade or apply a patch from the vendor

Patches and updated versions of the software have been released to address this issue. Please see the Systems Affected section of this document for more information.

Users who compile their DHCP software from the original source distribution should upgrade to one of the following versions: 4.1.1-P1 or 4.0.2-P1.

---

Vendor Information

541921

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Fedora Project Affected

Updated: July 14, 2010

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

• <http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042843.html&gt;

Internet Systems Consortium Affected

Updated: July 14, 2010

Statement Date: May 28, 2010

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

• <http://www.isc.org/software/dhcp/advisories/cve-2010-2156&gt;

Mandriva S. A. Affected

Updated: July 14, 2010

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

• <http://www.mandriva.com/security/advisories?name=MDVSA-2010:114&gt;

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <http://secunia.com/advisories/40116&gt;
• <http://xforce.iss.net/xforce/xfdb/59222&gt;
• <http://www.securitytracker.com/id?1024093&gt;
• <http://www.securityfocus.com/bid/40775&gt;

Acknowledgements

Thanks to ISC for reporting this vulnerability.

This document was written by Chad R Dougherty.

Other Information

CVE IDs:	CVE-2010-2156
Severity Metric:	5.63 Date Public: