Oval Definition: oval:com.redhat.rhsa:def:20110428
Revision Date: 2011-04-08
Version: 636
Title: RHSA-2011:0428: dhcp security update (Important)
Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.

  • It was discovered that the DHCP client daemon, dhclient, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. (CVE-2011-0997)

    Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for reporting this issue.

    All dhclient users should upgrade to these updated packages, which contain a backported patch to correct this issue.
  • Family: unix
    Class: patch
    Status:
    Reference(s): CVE-2011-0997
    RHSA-2011:0428
    RHSA-2011:0428-01
    Platform(s): Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    Red Hat Enterprise Linux 6
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • dhclient is earlier than 7:3.0.1-67.el4
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 7:3.0.1-67.el4
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 7:3.0.1-67.el4
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • dhclient is earlier than 12:4.1.1-12.P1.el6_0.4
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 12:4.1.1-12.P1.el6_0.4
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 12:4.1.1-12.P1.el6_0.4
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • dhclient is earlier than 12:3.0.5-23.el5_6.4
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 12:3.0.5-23.el5_6.4
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 12:3.0.5-23.el5_6.4
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
  • libdhcp4client is earlier than 12:3.0.5-23.el5_6.4
  • AND libdhcp4client is signed with Red Hat redhatrelease2 key
  • libdhcp4client-devel is earlier than 12:3.0.5-23.el5_6.4
  • AND libdhcp4client-devel is signed with Red Hat redhatrelease2 key
  • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • AND
  • dhclient is earlier than 12:4.1.1-12.P1.el6_0.4
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 12:4.1.1-12.P1.el6_0.4
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 12:4.1.1-12.P1.el6_0.4
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • dhclient is earlier than 7:3.0.1-67.el4
  • AND dhclient is signed with Red Hat master key
  • dhcp-devel is earlier than 7:3.0.1-67.el4
  • AND dhcp-devel is signed with Red Hat master key
  • dhcp is earlier than 7:3.0.1-67.el4
  • AND dhcp is signed with Red Hat master key