Several remote vulnerabilities have been discovered in ISC’s DHCP
implementation:
- CVE-2009-0692
It was discovered that dhclient does not properly handle overlong
subnet mask options, leading to a stack-based buffer overflow and
possible arbitrary code execution.
- CVE-2009-1892
Christoph Biedl discovered that the DHCP server may terminate when
receiving certain well-formed DHCP requests, provided that the server
configuration mixes host definitions using “dhcp-client-identifier”
and “hardware ethernet”. This vulnerability only affects the lenny
versions of dhcp3-server and dhcp3-server-ldap.
For the old stable distribution (etch), these problems have been fixed
in version 3.0.4-13+etch2.
For the stable distribution (lenny), this problem has been fixed in
version 3.1.1-6+lenny2.
For the unstable distribution (sid), these problems will be fixed
soon.
We recommend that you upgrade your dhcp3 packages.