• info
• discussion
• exploit
• solution
• references

ISC DHCPD Remote Format String Vulnerability

Solution:
It is reported that the vendor has released an update to address this vulnerability. This update is reported to be located at:
ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.2rc1.tar.gz
This is not confirmed by Symantec, users are advised to contact the vendor for further information.

Debian has released an advisory (DSA 584-1) and fixes to address this issue. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.

RedHat Linux has released advisory RHSA-2005:212-06 to address this issue in RedHat Enterprise Linux operating systems. Please see the referenced advisory for further information.

RedHat Fedora has released Fedora Legacy security advisory FLSA:152835 addressing this issue. Please see the referenced advisory for further information.


ISC DHCPD 2.0.pl5

• Debian dhcp-client_2.0pl5-11woody1_alpha.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_alpha.deb


• Debian dhcp-client_2.0pl5-11woody1_arm.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_arm.deb


• Debian dhcp-client_2.0pl5-11woody1_hppa.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_hppa.deb


• Debian dhcp-client_2.0pl5-11woody1_i386.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_i386.deb


• Debian dhcp-client_2.0pl5-11woody1_ia64.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_ia64.deb


• Debian dhcp-client_2.0pl5-11woody1_m68k.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_m68k.deb


• Debian dhcp-client_2.0pl5-11woody1_mips.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_mips.deb


• Debian dhcp-client_2.0pl5-11woody1_mipsel.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_mipsel.deb


• Debian dhcp-client_2.0pl5-11woody1_powerpc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_powerpc.deb


• Debian dhcp-client_2.0pl5-11woody1_s390.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_s390.deb


• Debian dhcp-client_2.0pl5-11woody1_sparc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5 -11woody1_sparc.deb


• Debian dhcp-relay_2.0pl5-11woody1_alpha.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_alpha.deb


• Debian dhcp-relay_2.0pl5-11woody1_arm.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_arm.deb


• Debian dhcp-relay_2.0pl5-11woody1_hppa.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_hppa.deb


• Debian dhcp-relay_2.0pl5-11woody1_i386.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_i386.deb


• Debian dhcp-relay_2.0pl5-11woody1_ia64.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_ia64.deb


• Debian dhcp-relay_2.0pl5-11woody1_m68k.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_m68k.deb


• Debian dhcp-relay_2.0pl5-11woody1_mips.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_mips.deb


• Debian dhcp-relay_2.0pl5-11woody1_mipsel.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_mipsel.deb


• Debian dhcp-relay_2.0pl5-11woody1_powerpc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_powerpc.deb


• Debian dhcp-relay_2.0pl5-11woody1_s390.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_s390.deb


• Debian dhcp-relay_2.0pl5-11woody1_sparc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5- 11woody1_sparc.deb


• Debian dhcp_2.0pl5-11woody1_alpha.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_alpha.deb


• Debian dhcp_2.0pl5-11woody1_arm.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_arm.deb


• Debian dhcp_2.0pl5-11woody1_hppa.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_hppa.deb


• Debian dhcp_2.0pl5-11woody1_i386.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_i386.deb


• Debian dhcp_2.0pl5-11woody1_ia64.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_ia64.deb


• Debian dhcp_2.0pl5-11woody1_m68k.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_m68k.deb


• Debian dhcp_2.0pl5-11woody1_mips.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_mips.deb


• Debian dhcp_2.0pl5-11woody1_mipsel.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_mipsel.deb


• Debian dhcp_2.0pl5-11woody1_powerpc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_powerpc.deb


• Debian dhcp_2.0pl5-11woody1_s390.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_s390.deb


• Debian dhcp_2.0pl5-11woody1_sparc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11wood y1_sparc.deb


• RedHat dhcp-2.0pl5-8.2.legacy.i386.rpm
  RedHat Linux 7.3
  http://download.fedoralegacy.org/redhat/7.3/updates/i386/dhcp-2.0pl5-8 .2.legacy.i386.rpm