FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-0692

This CVE name corresponds to:

Entered Topic
2009-07-15 isc-dhcp-client -- Stack overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2009-0692
Phase Assigned (20090222)

Description

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.

References

Source Reference
CONFIRM https://www.isc.org/node/468
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=507717
CONFIRM https://www.isc.org/downloadables/12
DEBIAN DSA-1833
FEDORA FEDORA-2009-8344
FEDORA FEDORA-2009-9075
GENTOO GLSA-200907-12
HP HPSBMA02554
HP SSRT100018
MANDRIVA MDVSA-2009:151
NETBSD NetBSD-SA2009-010
REDHAT RHSA-2009:1136
REDHAT RHSA-2009:1154
SLACKWARE SSA:2009-195-01
SUSE SUSE-SA:2009:037
UBUNTU USN-803-1
CERT-VN VU#410676
BID 35668
OSVDB 55819
OVAL oval:org.mitre.oval:def:10758
OVAL oval:org.mitre.oval:def:5941
SECTRACK 1022548
SECUNIA 35785
SECUNIA 35829
SECUNIA 35830
SECUNIA 35831
SECUNIA 35832
SECUNIA 35841
SECUNIA 35849
SECUNIA 35850
SECUNIA 35851
SECUNIA 35880
SECUNIA 36457
SECUNIA 37342
SECUNIA 40551
VUPEN ADV-2009-1891
VUPEN ADV-2010-1796