Date: Sat, 24 Jun 2000 12:41:34 -0700
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To: freebsd-security@freebsd.org
Subject: Possible root exploit in ISC DHCP client. (fwd)
Message-ID: <200006241941.e5OJfu956111@cwsys.cwsent.com>

A quick fix to this problem, until dhclient in the base CVS tree can be
patched, is as follows:

1. Rename or remove /usr/src/contrib/isc-dhcp
2. fetch dhcp-2.0pl1.tar.gz and extract it into /usr/src/contrib
3. cd /usr/src/contrib && ln -s dhcp-2.0pl1 isc-dhcp
4. cd /usr/src/sbin/dhclient && make && make install clean
5. restart dhclient or reboot

It would probably be a good idea to update the isc-dhcp2 and isc-dhcp3
ports.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC

------- Forwarded Message

[audit trail deleted]

Approved-By: aleph1@SECURITYFOCUS.COM
Message-ID: <200006240928.CAA06592@grosse.bisbee.fugue.com>
Date: Sat, 24 Jun 2000 02:28:58 -0700
Reply-To: Ted Lemon <mellon@NOMINUM.COM>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Ted Lemon <mellon@NOMINUM.COM>
Subject: Possible root exploit in ISC DHCP client.
To: BUGTRAQ@SECURITYFOCUS.COM
Resent-To: cy@passer.osg.gov.bc.ca
Resent-Date: Sat, 24 Jun 2000 12:15:21 -0700
Resent-From: Cy Schubert <cschuber@osg.gov.bc.ca>

Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP
client. This exploit is present in all versions of the ISC DHCP
client prior to 2.0pl1 and 3.0b1pl14, which I just released this
evening. Anybody who is using versions of the ISC DHCP client other
than these is strongly urged to upgrade.

I would appreciate it if the OpenBSD people would take a look at the
new version to see if they believe it is a complete fix, and let me
know if it isn't. In any case, thanks for catching the error!

I'm sorry I'm being so vague about how this got found, but I don't
have time to read bugtraq anymore, so I was notified roughly
fourth-hand.

The ISC DHCP distribution is available at ftp://ftp.isc.org/isc/DHCP,
and anonymous CVS at http://www.isc.org/products/DHCP/anoncvs.html.
The head of the tree in anonymous CVS also contains the fix.

			       _MelloN_

------- End of Forwarded Message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
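
An added example, not part of either message above: a small checker that sorts an inventory of ISC DHCP client version strings into "needs upgrade" and "could not parse", using the two fixed releases the advisory names (2.0pl1 and 3.0b1pl14). The function names, the host names, and the ordering beta < release candidate < final with `plN` as a patch level are assumptions of this example.

```python
import re

# Fixed releases named in the advisory, as sort keys:
# (major, minor, stage, stage number, patch level)
FIXED_2X = (2, 0, 2, 0, 1)    # 2.0pl1
FIXED_3X = (3, 0, 0, 1, 14)   # 3.0b1pl14

# Assumed ordering within a branch: beta < release candidate < final.
_STAGE = {"b": 0, "rc": 1, None: 2}
_VERSION = re.compile(r"^v?(\d+)\.(\d+)(?:(b|rc)(\d+))?(?:pl(\d+))?$")

def parse(version):
    """Turn a string such as '3.0b1pl13' into a comparable tuple."""
    m = _VERSION.match(version.strip().lower())
    if m is None:
        raise ValueError("unrecognised ISC DHCP version: %r" % version)
    major, minor, stage, stage_n, patch = m.groups()
    return (int(major), int(minor), _STAGE[stage],
            int(stage_n or 0), int(patch or 0))

def is_vulnerable(version):
    """True if the version predates the fixed release for its branch."""
    key = parse(version)
    # Anything before 3.x is measured against 2.0pl1, the rest against
    # 3.0b1pl14; later branches therefore compare as fixed (assumption).
    fixed = FIXED_2X if key[0] < 3 else FIXED_3X
    return key < fixed

def triage(inventory):
    """Return (hosts needing upgrade, hosts whose version did not parse)."""
    upgrade, unknown = [], []
    for host, version in sorted(inventory.items()):
        try:
            if is_vulnerable(version):
                upgrade.append(host)
        except ValueError:
            unknown.append(host)   # check these by hand, do not assume safe
    return upgrade, unknown

# Constructed inventory for illustration only.
SAMPLE = {"gw1": "2.0", "lab3": "2.0pl1", "dev7": "3.0b1pl13",
          "dev8": "3.0b1pl14", "old2": "2.0b1pl6", "kiosk": "unknown"}

if __name__ == "__main__":
    need, unparsed = triage(SAMPLE)
    print("upgrade:", ", ".join(need))
    print("check manually:", ", ".join(unparsed))
```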
