=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2009/VULN280
_____________________________________________________________________

DATE                      : 15/07/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running ISC dhclient.

======================================================================
https://lists.isc.org/pipermail/dhcp-announce/2009-July/000262.html
______________________________________________________________________

ISC DHCP 4.1.0p1, 4.0.1p1, and 3.1.2p1 are all now available for
download.

These releases are patch level releases, correcting a stack overflow
vulnerability in all versions of 'dhclient' when processing large
netmask options.  The vulnerability is recorded as CERT VU#410676,
and CVE-2009-0692.  For more information about this vulnerability,
please refer to the vulnerability notes as they become available;

    http://www.kb.cert.org/vuls/id/410676
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692

All ISC dhclient users are urged to upgrade.  'dhcpd' or 'dhcrelay'
users are not affected.

A list of the changes in these releases has been appended to the end
of this message.  For a complete list of changes from any previous
release, please consult the RELNOTES files within the source
distributions, or on our website:

    http://oldwww.isc.org/sw/dhcp/dhcp4_1_rel.php?noframes=1
    http://oldwww.isc.org/sw/dhcp/dhcp4_0_rel.php?noframes=1
    http://oldwww.isc.org/sw/dhcp/dhcp_rel2.php?noframes=1

These releases, and their OpenPGP-signatures are available now from:

    ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.0p1.tar.gz
    ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.0p1.tar.gz.sha512.asc
    ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.0p1.tar.gz.sha256.asc
    ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.0p1.tar.gz.sha1.asc

    ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.1p1.tar.gz
    ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.1p1.tar.gz.sha512.asc
    ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.1p1.tar.gz.sha256.asc
    ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.1p1.tar.gz.sha1.asc

    ftp://ftp.isc.org/isc/dhcp/dhcp-3.1.2p1.tar.gz
    ftp://ftp.isc.org/isc/dhcp/dhcp-3.1.2p1.tar.gz.sha512.asc
    ftp://ftp.isc.org/isc/dhcp/dhcp-3.1.2p1.tar.gz.sha256.asc
    ftp://ftp.isc.org/isc/dhcp/dhcp-3.1.2p1.tar.gz.sha1.asc

ISC's Release Signing Key can be obtained at:

    https://www.isc.org/about/openpgp


			Change since base release

! A stack overflow vulnerability was fixed in dhclient that could allow
  remote attackers to execute arbitrary commands as root on the system,
  or simply terminate the client, by providing an over-long subnet-mask
  option.

-- 
David W. Hankins	"If you don't do it right the first time,
Software Engineer		     you'll just have to do it again."
Internet Systems Consortium, Inc.		-- Jack T. Hankins

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================