BugTraq
[ MDVSA-2010:226 ] dhcp Nov 10 2010 06:24PM
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:226
http://www.mandriva.com/security/
_______________________________________________________________________

Package : dhcp
Date : November 10, 2010
Affected: 2009.1, 2010.0, 2010.1
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in ISC dhcp:

ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before
4.2.0-P1 allows remote attackers to cause a denial of service (crash)
via a DHCPv6 packet containing a Relay-Forward message without an
address in the Relay-Forward link-address field (CVE-2010-3611).

The updated packages have been upgraded to 4.1.2 which is not
vulnerable to this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3611
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.1:
8ded7998e798f54c031ffe45a0fb76f6 2009.1/i586/dhcp-client-4.1.2-0.1mdv2009.1.i586.rpm
c8d3449949bdb12058f388310ac73ac0 2009.1/i586/dhcp-common-4.1.2-0.1mdv2009.1.i586.rpm
dc075f58d11682203f51297c5b360c2c 2009.1/i586/dhcp-devel-4.1.2-0.1mdv2009.1.i586.rpm
5ce2bbed0207c185cbe0170c6abdba5f 2009.1/i586/dhcp-doc-4.1.2-0.1mdv2009.1.i586.rpm
69f43ea4a05aedaaf809c8ccff68156c 2009.1/i586/dhcp-relay-4.1.2-0.1mdv2009.1.i586.rpm
437ee9bccc54a45d6b1dd6eb23f39af9 2009.1/i586/dhcp-server-4.1.2-0.1mdv2009.1.i586.rpm
3c2da5a436f72de695cefd65b18cd547 2009.1/SRPMS/dhcp-4.1.2-0.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
77d56091ab3a3b90e1f92937e9bb6955 2009.1/x86_64/dhcp-client-4.1.2-0.1mdv2009.1.x86_64.rpm
13616a15ec6b187a8b1692194d66351a 2009.1/x86_64/dhcp-common-4.1.2-0.1mdv2009.1.x86_64.rpm
0138ff116b25c9a9117f54a3a92f33c3 2009.1/x86_64/dhcp-devel-4.1.2-0.1mdv2009.1.x86_64.rpm
8574b0587437b62a14c812a2c7a33aba 2009.1/x86_64/dhcp-doc-4.1.2-0.1mdv2009.1.x86_64.rpm
d1ed416ea679bb4437e53f769ab1d68f 2009.1/x86_64/dhcp-relay-4.1.2-0.1mdv2009.1.x86_64.rpm
64e10a176668bb778194ebd2d9d5a691 2009.1/x86_64/dhcp-server-4.1.2-0.1mdv2009.1.x86_64.rpm
3c2da5a436f72de695cefd65b18cd547 2009.1/SRPMS/dhcp-4.1.2-0.1mdv2009.1.src.rpm

Mandriva Linux 2010.0:
903f10812f23512df8895d068eff3975 2010.0/i586/dhcp-client-4.1.2-0.1mdv2010.0.i586.rpm
915ccd834aea02f6f2063463d1cfffd5 2010.0/i586/dhcp-common-4.1.2-0.1mdv2010.0.i586.rpm
42a8c93e13370a2f52e7035dcfa73334 2010.0/i586/dhcp-devel-4.1.2-0.1mdv2010.0.i586.rpm
27d2e196a28e8221e90597d697a8bfdb 2010.0/i586/dhcp-doc-4.1.2-0.1mdv2010.0.i586.rpm
cc27b55695952677b6f1edf37fa20517 2010.0/i586/dhcp-relay-4.1.2-0.1mdv2010.0.i586.rpm
8c3f88eeb112c3d25b892ebe6ae670b1 2010.0/i586/dhcp-server-4.1.2-0.1mdv2010.0.i586.rpm
4c67a5d3c889b878d8129d3dca4999c8 2010.0/SRPMS/dhcp-4.1.2-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
81d8694f3b3f8f129aac04ffbcd86cf1 2010.0/x86_64/dhcp-client-4.1.2-0.1mdv2010.0.x86_64.rpm
1ee211daf3292f281577a55dffcfab45 2010.0/x86_64/dhcp-common-4.1.2-0.1mdv2010.0.x86_64.rpm
42c5e9f44117f275dc7ae5b6b1a2a5a3 2010.0/x86_64/dhcp-devel-4.1.2-0.1mdv2010.0.x86_64.rpm
18c1acbc00ad3b96e13ff7cf499242c5 2010.0/x86_64/dhcp-doc-4.1.2-0.1mdv2010.0.x86_64.rpm
ede58d17894f09d4caf94a7fa3db4476 2010.0/x86_64/dhcp-relay-4.1.2-0.1mdv2010.0.x86_64.rpm
1a578667e1225e8d1494682667965c7e 2010.0/x86_64/dhcp-server-4.1.2-0.1mdv2010.0.x86_64.rpm
4c67a5d3c889b878d8129d3dca4999c8 2010.0/SRPMS/dhcp-4.1.2-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
d6f9ed6e9ae1cb22c7ea80cdeeaaeda1 2010.1/i586/dhcp-client-4.1.2-0.1mdv2010.1.i586.rpm
4320e7b882da1f57111d94925b48b6c3 2010.1/i586/dhcp-common-4.1.2-0.1mdv2010.1.i586.rpm
208448b7b346eaf6d30044a570427a45 2010.1/i586/dhcp-devel-4.1.2-0.1mdv2010.1.i586.rpm
54fcd61586984f825842a40ebeb17c54 2010.1/i586/dhcp-doc-4.1.2-0.1mdv2010.1.i586.rpm
c859b4eb9f7b4a7f01fee0a0267b14f4 2010.1/i586/dhcp-relay-4.1.2-0.1mdv2010.1.i586.rpm
1e36ecc067937b23271d503f3a76e21e 2010.1/i586/dhcp-server-4.1.2-0.1mdv2010.1.i586.rpm
24862cb48b62437378aadc11f95aaf22 2010.1/SRPMS/dhcp-4.1.2-0.1mdv2010.1.src.rpm

Mandriva Linux 2010.1/X86_64:
fb27e016fd9aa6222ad3c6a0f3081194 2010.1/x86_64/dhcp-client-4.1.2-0.1mdv2010.1.x86_64.rpm
d9badcccc61aaedbc3ed65958f7d7cdc 2010.1/x86_64/dhcp-common-4.1.2-0.1mdv2010.1.x86_64.rpm
5516227c03670cdcdc49e15435d1f604 2010.1/x86_64/dhcp-devel-4.1.2-0.1mdv2010.1.x86_64.rpm
8751bd29904fd1966df5c93c6c261482 2010.1/x86_64/dhcp-doc-4.1.2-0.1mdv2010.1.x86_64.rpm
01c4fe657f0b6b472b2981de5b0a0ad7 2010.1/x86_64/dhcp-relay-4.1.2-0.1mdv2010.1.x86_64.rpm
5e0a5c35f7bab109ecbeddf474496965 2010.1/x86_64/dhcp-server-4.1.2-0.1mdv2010.1.x86_64.rpm
24862cb48b62437378aadc11f95aaf22 2010.1/SRPMS/dhcp-4.1.2-0.1mdv2010.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFM2rWjmqjQ0CJFipgRAliCAKDCLltDs3aQoCbQoY8g8jJ+ZxMw5gCgkRgJ
mIdAAYScJMwSiAY2lyJvARA=
=eKH9
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus