From owner-freebsd-security Sun May 12 0: 6:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from trillian.santala.org (ip212-226-173-33.adsl.kpnqwest.fi [212.226.173.33]) by hub.freebsd.org (Postfix) with SMTP id 02E8337B401 for ; Sun, 12 May 2002 00:06:38 -0700 (PDT) Received: (qmail 28318 invoked by uid 11053); 12 May 2002 07:06:32 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 May 2002 07:06:32 -0000 Date: Sun, 12 May 2002 10:06:32 +0300 (EEST) From: Jarkko Santala X-X-Sender: jake@trillian.santala.org To: Brett Glass Cc: security@FreeBSD.ORG Subject: Re: DHCPD bug In-Reply-To: <200205112302.RAA15457@forum.lariat.org> Message-ID: <20020512100311.D258-100000@trillian.santala.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 11 May 2002, Brett Glass wrote: > There's a nasty bug in ISC's DHCPD -- a remote root hole -- that affects > the versions that have been provided as ports and packages in recent > releases. See Based on the CERT Advisory, it would seem to me that one is only vulnerable if dynamic dns updates are enabled. If they're off, I would have to think dhcpd doesn't try log any replies from nameservers. None of the advisories I've read mention anything about this. I'd definitely like to know if I'm wrong. ;) http://www.cert.org/advisories/CA-2002-12.html Thanks, -jake -- Jarkko Santala http://www.iki.fi/~jake/ System Administrator 2001:670:83:f08::/64 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message