• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

ISC DHCPD NSUPDATE Remote Format String Vulnerability

Solution:
ISC has provided the following patch:

--- common/print.c Tue Apr 9 13:41:17 2002
+++ common/print.c.patched Tue Apr 9 13:41:56 2002
@@ -1366,8 +1366,8 @@
*s++ = '.';
*s++ = 0;
if (errorp)
- log_error (obuf);
+ log_error ("%s",obuf);
else
- log_info (obuf);
+ log_info ("%s",obuf);
}
#endif /* NSUPDATE */

Updated versions are available.


ISC DHCPD 3.0

• Caldera dhcp-3.0b2pl9-11.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS/ dhcp-3.0b2pl9-11.i386.rpm


• Caldera dhcp-3.0b2pl9-11.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/ RPMS/dhcp-3.0b2pl9-11.i386.rpm


• Caldera dhcp-3.0b2pl9-11.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/dh cp-3.0b2pl9-11.i386.rpm


• Caldera dhcp-3.0b2pl9-11.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/dhcp-3.0b2pl9-11.i386.rpm


• Caldera dhcp-server-3.0b2pl9-11.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS/ dhcp-server-3.0b2pl9-11.i386.rpm


• Caldera dhcp-server-3.0b2pl9-11.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/dh cp-server-3.0b2pl9-11.i386.rpm


• Conectiva dhcp-3.0-3U8_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/dhcp-3.0-3U8_1cl.i386.rpm


• Conectiva dhcp-doc-3.0-3U8_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/dhcp-doc-3.0-3U8_1cl.i386.r pm


• ISC dhcp-3.0p1.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0p1.tar.gz


• S.u.S.E. dhcp-3.0.1rc6-8.src.rpm
  SuSE 8.0 i386.
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/dhcp-3.0.1rc6-8.src.rp m


• S.u.S.E. dhcp-3.0rc12-22.sparc.rpm
  SuSE 7.3 Sparc.
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/dhcp-3.0rc12-22.sparc. rpm


• S.u.S.E. dhcp-3.0rc12-22.src.rpm
  SuSE 7.3 Sparc.
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/dhcp-3.0rc12-22.src.r pm


• S.u.S.E. dhcp-3.0rc12-32.ppc.rpm
  SuSE 7.3 PPC.
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/dhcp-3.0rc12-32.ppc.rpm


• S.u.S.E. dhcp-3.0rc12-32.src.rpm
  SuSE 7.3 PPC.
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/dhcp-3.0rc12-32.src.rpm


• S.u.S.E. dhcp-3.0rc12-47.i386.rpm
  SuSE 7.3 i386.
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/dhcp-3.0rc12-47.i386.rp m


• S.u.S.E. dhcp-3.0rc12-47.src.rpm
  SuSE 7.3 i386.
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/dhcp-3.0rc12-47.src.rp m


• S.u.S.E. dhcp-3.0rc4-27.i386.rpm
  SuSE 7.2 i386.
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/dhcp-3.0rc4-27.i386.rpm


• S.u.S.E. dhcp-3.0rc4-27.src.rpm
  SuSE 7.2 i386.
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/dhcp-3.0rc4-27.src.rpm


• S.u.S.E. dhcp-server-3.0.1rc6-8.i386.rpm
  SuSE 8.0 i386.
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/dhcp-server-3.0.1rc6-8. i386.rpm

ISC DHCPD 3.0.1 rc3

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz

ISC DHCPD 3.0.1 rc4

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz

ISC DHCPD 3.0.1 rc5

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz

ISC DHCPD 3.0.1 rc7

• FreeBSD isc-dhcp3-3.0.1.r8.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/isc -dhcp3-3.0.1.r8.tgz


• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz

ISC DHCPD 3.0.1 rc2

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz

ISC DHCPD 3.0.1 rc1

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz

ISC DHCPD 3.0.1 rc8

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz


• MandrakeSoft dhcp-3.0b2pl23-2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/snf7.2/RPMS/dhcp-3.0b2p l23-2.1mdk.i586.rpm


• MandrakeSoft dhcp-3.0b2pl9-4.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/7.2/RPMS/dhcp-3.0b2pl9- 4.1mdk.i586.rpm


• MandrakeSoft dhcp-client-3.0-0.rc12.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.1/RPMS/dhcp-client-3. 0-0.rc12.2.1mdk.i586.rpm


• MandrakeSoft dhcp-client-3.0-0.rc12.2.1mdk.ia64.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ia64/8.1/RPMS/dhcp-clie nt-3.0-0.rc12.2.1mdk.ia64.rpm


• MandrakeSoft dhcp-client-3.0-1rc8.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.2/RPMS/dhcp-client-3. 0-1rc8.2.1mdk.i586.rpm


• MandrakeSoft dhcp-client-3.0-1rc8.2.1mdk.ppc.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ppc/8.2/RPMS/dhcp-clien t-3.0-1rc8.2.1mdk.ppc.rpm


• MandrakeSoft dhcp-client-3.0b2pl23-2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/snf7.2/RPMS/dhcp-client -3.0b2pl23-2.1mdk.i586.rpm


• MandrakeSoft dhcp-client-3.0b2pl9-4.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/7.2/RPMS/dhcp-client-3. 0b2pl9-4.1mdk.i586.rpm


• MandrakeSoft dhcp-common-3.0-0.rc12.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.1/RPMS/dhcp-common-3. 0-0.rc12.2.1mdk.i586.rpm


• MandrakeSoft dhcp-common-3.0-0.rc12.2.1mdk.ia64.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ia64/8.1/RPMS/dhcp-comm on-3.0-0.rc12.2.1mdk.ia64.rpm


• MandrakeSoft dhcp-common-3.0-1rc8.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.2/RPMS/dhcp-common-3. 0-1rc8.2.1mdk.i586.rpm


• MandrakeSoft dhcp-common-3.0-1rc8.2.1mdk.ppc.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ppc/8.2/RPMS/dhcp-commo n-3.0-1rc8.2.1mdk.ppc.rpm


• MandrakeSoft dhcp-devel-3.0-0.rc12.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.1/RPMS/dhcp-devel-3.0 -0.rc12.2.1mdk.i586.rpm


• MandrakeSoft dhcp-devel-3.0-0.rc12.2.1mdk.ia64.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ia64/8.1/RPMS/dhcp-deve l-3.0-0.rc12.2.1mdk.ia64.rpm


• MandrakeSoft dhcp-devel-3.0-1rc8.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.2/RPMS/dhcp-devel-3.0 -1rc8.2.1mdk.i586.rpm


• MandrakeSoft dhcp-devel-3.0-1rc8.2.1mdk.ppc.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ppc/8.2/RPMS/dhcp-devel -3.0-1rc8.2.1mdk.ppc.rpm


• MandrakeSoft dhcp-relay-3.0-0.rc12.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.1/RPMS/dhcp-relay-3.0 -0.rc12.2.1mdk.i586.rpm


• MandrakeSoft dhcp-relay-3.0-0.rc12.2.1mdk.ia64.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ia64/8.1/RPMS/dhcp-rela y-3.0-0.rc12.2.1mdk.ia64.rpm


• MandrakeSoft dhcp-relay-3.0-1rc8.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.2/RPMS/dhcp-relay-3.0 -1rc8.2.1mdk.i586.rpm


• MandrakeSoft dhcp-relay-3.0-1rc8.2.1mdk.ppc.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ppc/8.2/RPMS/dhcp-relay -3.0-1rc8.2.1mdk.ppc.rpm


• MandrakeSoft dhcp-relay-3.0b2pl23-2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/snf7.2/RPMS/dhcp-relay- 3.0b2pl23-2.1mdk.i586.rpm


• MandrakeSoft dhcp-relay-3.0b2pl9-4.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/7.2/RPMS/dhcp-relay-3.0 b2pl9-4.1mdk.i586.rpm


• MandrakeSoft dhcp-server-3.0-0.rc12.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.1/RPMS/dhcp-server-3. 0-0.rc12.2.1mdk.i586.rpm


• MandrakeSoft dhcp-server-3.0-0.rc12.2.1mdk.ia64.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ia64/8.1/RPMS/dhcp-serv er-3.0-0.rc12.2.1mdk.ia64.rpm


• MandrakeSoft dhcp-server-3.0-1rc8.2.1mdk.i586.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/8.2/RPMS/dhcp-server-3. 0-1rc8.2.1mdk.i586.rpm


• MandrakeSoft dhcp-server-3.0-1rc8.2.1mdk.ppc.rpm
  ftp://ftp.rpmfind.net/linux/D/Mandrake/updates/ppc/8.2/RPMS/dhcp-serve r-3.0-1rc8.2.1mdk.ppc.rpm

ISC DHCPD 3.0.1 rc6

• ISC dhcp-3.0.1rc9.tar.gz
  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc9.tar.gz