Date: Sun, 25 Jun 2000 08:14:30 -0700 (PDT)
From: Cy.Schubert@uumail.gov.bc.ca
To: FreeBSD-gnats-submit@freebsd.org
Subject: bin/19501: Possible root exploit in ISC DHCP client.
Message-ID: <200006251514.IAA17870@passer.osg.gov.bc.ca>
>Number: 19501
>Category: bin
>Synopsis: ISC DHCP Root Exploit
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Jun 25 08:20:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Cy Schubert
>Release: FreeBSD 4.0-STABLE i386
>Organization: UNIX Group, ITSD, ISTA, Province of BC
>Environment:
FreeBSD passer 4.0-STABLE FreeBSD 4.0-STABLE #0: Fri Jun 23 13:38:31 PDT 2000 root@:/opt/cvs-400s-000620/src/sys/compile/PASSER i386
>Description:
From BUGTRAQ:

Date: Sat, 24 Jun 2000 02:28:58 -0700
Reply-To: Ted Lemon <mellon@NOMINUM.COM>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Ted Lemon <mellon@NOMINUM.COM>
Subject: Possible root exploit in ISC DHCP client.
To: BUGTRAQ@SECURITYFOCUS.COM
Resent-To: cy@passer.osg.gov.bc.ca
Resent-Date: Sat, 24 Jun 2000 12:15:21 -0700
Resent-From: Cy Schubert <cschuber@osg.gov.bc.ca>

Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP client. This exploit is present in all versions of the ISC DHCP client prior to 2.0pl1 and 3.0b1pl14, which I just released this evening. Anybody who is using versions of the ISC DHCP client other than these is strongly urged to upgrade.

I would appreciate it if the OpenBSD people would take a look at the new version to see if they believe it is a complete fix, and let me know if it isn't. In any case, thanks for catching the error! I'm sorry I'm being so vague about how this got found, but I don't have time to read bugtraq anymore, so I was notified roughly fourth-hand.

The ISC DHCP distribution is available at ftp://ftp.isc.org/isc/DHCP, and anonymous CVS at http://www.isc.org/products/DHCP/anoncvs.html. The head of the tree in anonymous CVS also contains the fix.

_MelloN_

>How-To-Repeat:
N/A
>Fix:
Upgrade dhclient in base system to 2.0.pl1.
>Release-Note:
>Audit-Trail:
>Unformatted: