Oval Definition:oval:com.redhat.rhsa:def:20091136
Revision Date:2009-07-14Version:642
Title:RHSA-2009:1136: dhcp security update (Critical)
Description:The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.

  • The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)

    Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-0692
    RHSA-2009:1136
    RHSA-2009:1136-01
    RHSA-2009:1136-01
    Platform(s):Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • dhclient is earlier than 7:3.0.1-65.el4_8.1
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 7:3.0.1-65.el4_8.1
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 7:3.0.1-65.el4_8.1
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
    • BACK