Date: Sat, 11 May 2002 17:02:00 -0600 (MDT) From: Brett Glass <brett@forum.lariat.org> To: security@freebsd.org Subject: DHCPD bug Message-ID: <200205112302.RAA15457@forum.lariat.org>
next in thread | raw e-mail | index | archive | help
There's a nasty bug in ISC's DHCPD -- a remote root hole -- that affects the versions that have been provided as ports and packages in recent releases. See http://www.extremetech.com/article/0,3396,apn=2&s=1024&a=26709&ap=1,00.asp for a description of the problem. The version of the port that's online has been updated to close the hole, but the package hasn't -- which means that users installing FreeBSD who grab the daemon via /stand/sysinstall will find themselves vulnerable. Also, no advisory has been issued.... One should be. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205112302.RAA15457>