[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1Qu3FN-0001iv-2w@titan.mandriva.com>
Date: Thu, 18 Aug 2011 16:07:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2011:128 ] dhcp
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:128
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : August 18, 2011
Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in dhcp:
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before
3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers
to cause a denial of service (daemon exit) via a crafted DHCP packet
(CVE-2011-2748).
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before
3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to
cause a denial of service (daemon exit) via a crafted BOOTP packet
(CVE-2011-2749).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2749
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
dda862ad08cb6af3d2c56f00caec8c77 2009.0/i586/dhcp-client-4.1.2-0.5mdv2009.0.i586.rpm
74a12d5a8bb25e3dc7b05e414a266721 2009.0/i586/dhcp-common-4.1.2-0.5mdv2009.0.i586.rpm
da73a63834a47bf8dffeb723a096ad87 2009.0/i586/dhcp-devel-4.1.2-0.5mdv2009.0.i586.rpm
b8f966492c0768a5b07b9f7d4f3b776e 2009.0/i586/dhcp-doc-4.1.2-0.5mdv2009.0.i586.rpm
5193c66ea505dd58af855fab116c9d3e 2009.0/i586/dhcp-relay-4.1.2-0.5mdv2009.0.i586.rpm
5446bf09ef2d59e8f1fa17f49aea33b0 2009.0/i586/dhcp-server-4.1.2-0.5mdv2009.0.i586.rpm
1e32ea7b2d129fce3902f8d7d3fc7198 2009.0/SRPMS/dhcp-4.1.2-0.5mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
eda9fbd8b6bee2648b34b5f2b6458c1c 2009.0/x86_64/dhcp-client-4.1.2-0.5mdv2009.0.x86_64.rpm
df4862238668c0077b98b2b03173ccba 2009.0/x86_64/dhcp-common-4.1.2-0.5mdv2009.0.x86_64.rpm
901134adffc97d090eb365d0b5e799a3 2009.0/x86_64/dhcp-devel-4.1.2-0.5mdv2009.0.x86_64.rpm
9598ee3d8f8ca49e8a8aeef9e8f943ac 2009.0/x86_64/dhcp-doc-4.1.2-0.5mdv2009.0.x86_64.rpm
bb8326601929f31c65dcbaaf0ca0946c 2009.0/x86_64/dhcp-relay-4.1.2-0.5mdv2009.0.x86_64.rpm
7733076ab3269f345b28182a183052f9 2009.0/x86_64/dhcp-server-4.1.2-0.5mdv2009.0.x86_64.rpm
1e32ea7b2d129fce3902f8d7d3fc7198 2009.0/SRPMS/dhcp-4.1.2-0.5mdv2009.0.src.rpm
Mandriva Linux 2010.1:
6e2ddb421bf4626a15a52dfb0521b37c 2010.1/i586/dhcp-client-4.1.2-0.5mdv2010.2.i586.rpm
76211a724db2990e07856a9bd6dcbaea 2010.1/i586/dhcp-common-4.1.2-0.5mdv2010.2.i586.rpm
260b5ddff40f7be3bbdda4c00d658a46 2010.1/i586/dhcp-devel-4.1.2-0.5mdv2010.2.i586.rpm
63042fe8a76cc5ec84079803bed66d5f 2010.1/i586/dhcp-doc-4.1.2-0.5mdv2010.2.i586.rpm
99d648dcb18a0d1727d997fe8f2fed7e 2010.1/i586/dhcp-relay-4.1.2-0.5mdv2010.2.i586.rpm
de21e38b29447cbac0d5414be9fa784c 2010.1/i586/dhcp-server-4.1.2-0.5mdv2010.2.i586.rpm
41c369066c2bfedc5be7b163e0e6b690 2010.1/SRPMS/dhcp-4.1.2-0.5mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
f963b8fff5d6632c70630da8ed2570dc 2010.1/x86_64/dhcp-client-4.1.2-0.5mdv2010.2.x86_64.rpm
dad1f03e73457cead695da4e865b039b 2010.1/x86_64/dhcp-common-4.1.2-0.5mdv2010.2.x86_64.rpm
7f9ffea345996ce41204c8f38470f0b3 2010.1/x86_64/dhcp-devel-4.1.2-0.5mdv2010.2.x86_64.rpm
80a5f8a1104dc51fd85325b149320958 2010.1/x86_64/dhcp-doc-4.1.2-0.5mdv2010.2.x86_64.rpm
459759b5aaa4fa905f2066317b1c25a9 2010.1/x86_64/dhcp-relay-4.1.2-0.5mdv2010.2.x86_64.rpm
78a70cc56c46e6891e1d650231424684 2010.1/x86_64/dhcp-server-4.1.2-0.5mdv2010.2.x86_64.rpm
41c369066c2bfedc5be7b163e0e6b690 2010.1/SRPMS/dhcp-4.1.2-0.5mdv2010.2.src.rpm
Corporate 4.0:
363495c22840f39f7f002b4c38cbd174 corporate/4.0/i586/dhcp-client-4.1.2-0.5.20060mlcs4.i586.rpm
a1cb7ec82ea1729e28485cfca956b5ba corporate/4.0/i586/dhcp-common-4.1.2-0.5.20060mlcs4.i586.rpm
e5316e5ed2ba9c5e76f8deff847a9ce2 corporate/4.0/i586/dhcp-devel-4.1.2-0.5.20060mlcs4.i586.rpm
ced770e7a2ae540efe90e151a84fa008 corporate/4.0/i586/dhcp-doc-4.1.2-0.5.20060mlcs4.i586.rpm
f78e1cabac3c9ace1228adc169b3d3d7 corporate/4.0/i586/dhcp-relay-4.1.2-0.5.20060mlcs4.i586.rpm
1a4993e7c92a949c81f73462486e074e corporate/4.0/i586/dhcp-server-4.1.2-0.5.20060mlcs4.i586.rpm
69dfd1ea276880ae59f7aa1028843792 corporate/4.0/SRPMS/dhcp-4.1.2-0.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
ccdd99dfef9bfdb5c05df35d8661fd5c corporate/4.0/x86_64/dhcp-client-4.1.2-0.5.20060mlcs4.x86_64.rpm
681b2bcaba8b65e4225f720b3b399e56 corporate/4.0/x86_64/dhcp-common-4.1.2-0.5.20060mlcs4.x86_64.rpm
b9ee098233d7b73c7c0f20faa81ac46b corporate/4.0/x86_64/dhcp-devel-4.1.2-0.5.20060mlcs4.x86_64.rpm
c91cffe785e0a716f6970b1dbdce8feb corporate/4.0/x86_64/dhcp-doc-4.1.2-0.5.20060mlcs4.x86_64.rpm
9fbc7814aef5891aedb6530955aa3e85 corporate/4.0/x86_64/dhcp-relay-4.1.2-0.5.20060mlcs4.x86_64.rpm
0cc7f4b1eb100db2fb16f2b53a91ab2a corporate/4.0/x86_64/dhcp-server-4.1.2-0.5.20060mlcs4.x86_64.rpm
69dfd1ea276880ae59f7aa1028843792 corporate/4.0/SRPMS/dhcp-4.1.2-0.5.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
ab0b7aa49c12b8c6acd50bd000ffcc33 mes5/i586/dhcp-client-4.1.2-0.5mdvmes5.2.i586.rpm
a28fbd774ff88de36312ba01a09d0e66 mes5/i586/dhcp-common-4.1.2-0.5mdvmes5.2.i586.rpm
de6e263c8ada2e393c9e2c5eea479feb mes5/i586/dhcp-devel-4.1.2-0.5mdvmes5.2.i586.rpm
979061b018262ee4cc32445ac231beb0 mes5/i586/dhcp-doc-4.1.2-0.5mdvmes5.2.i586.rpm
c9ae8d8e66e350d772a5571f40b94202 mes5/i586/dhcp-relay-4.1.2-0.5mdvmes5.2.i586.rpm
1eedde1150fb9c40a90845042c31a254 mes5/i586/dhcp-server-4.1.2-0.5mdvmes5.2.i586.rpm
8c6cd539abb27fd8180176e25699bcb1 mes5/SRPMS/dhcp-4.1.2-0.5mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
3ba038548a1a0984c9a479f50298a7ee mes5/x86_64/dhcp-client-4.1.2-0.5mdvmes5.2.x86_64.rpm
c003f2d1327eaa9e47dbf6abce537710 mes5/x86_64/dhcp-common-4.1.2-0.5mdvmes5.2.x86_64.rpm
d873f5921673222b1cc078e27c7d6d57 mes5/x86_64/dhcp-devel-4.1.2-0.5mdvmes5.2.x86_64.rpm
dd083b8e57ad9016aaa398bf1890e355 mes5/x86_64/dhcp-doc-4.1.2-0.5mdvmes5.2.x86_64.rpm
0067fc25a97ea655786598baf0620eb9 mes5/x86_64/dhcp-relay-4.1.2-0.5mdvmes5.2.x86_64.rpm
9c9f19f769d6a6332895a0a6529c7e15 mes5/x86_64/dhcp-server-4.1.2-0.5mdvmes5.2.x86_64.rpm
8c6cd539abb27fd8180176e25699bcb1 mes5/SRPMS/dhcp-4.1.2-0.5mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFOTOxVmqjQ0CJFipgRAorWAKC6Rug8CkLGlW9N7D0OkQEwDouL6ACgqTSk
CwIiGt7snxBd0tSPM7xcP9U=
=crBj
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists