ISC DHCP Client Remote Buffer Overflow Vulnerability

ISC DHCP Client Remote Buffer Overflow Vulnerability

Solution:
The newest patched versions are 2.0pl3 and 3.0b1pl17. Previous patches (2.0pl1 and 3.0b1pl14) did not completely fix this vulnerability.

FTP: ftp://ftp.isc.org/isc/dhcp

Anonymous CVS:http://www.isc.org/products/DHCP/anoncvs.html.

An upgrade to FreeBSD 4.1 should resolve this problem. Below are patches for ports version of ISC dhcp:

FreeBSD FreeBSD 4.0

FreeBSD ports-4 i386 isc-dhcp3
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/isc -dhcp3-3.0.b1.17.tgz

Turbolinux Turbolinux 6.0.5

Turbolinux 6.1 i386 dhcp-2.0pl5-2.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-2.0pl5-2.i386.r pm

Turbolinux 6.1 i386 dhcp-client-2.0pl5-2.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-client-2.0pl5-2 .i386.rpm

Turbolinux Turbolinux 6.1

Turbolinux 6.1 i386 dhcp-2.0pl5-2.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-2.0pl5-2.i386.r pm

Turbolinux 6.1 i386 dhcp-client-2.0pl5-2.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/dhcp-client-2.0pl5-2 .i386.rpm