Signature Detail
Short Name |
DHCP:OPT:ISC-DHCPD-MMS-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DHCP |
Keywords |
ISC DHCPD Server Maximum Message Size Denial of Service |
Release Date |
2013/03/20 |
Update Number |
2247 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DHCP: ISC DHCPD Server Maximum Message Size Denial of Service
This signature detects attempts to exploit a known vulnerability against ISC DHCPD Server. A successful attack can result in a denial-of-service condition.
Extended Description
ISC DHCPD is prone to a remote stack-corruption vulnerability because the software fails to properly bounds-check user-supplied input. Successfully exploiting this issue allows attackers in the same LAN segment of the vulnerable DHCP server to corrupt the application's stack. This may allow attackers to run arbitrary machine code and to compromise affected computers. ISC DHCP versions in the 2.x series are vulnerable to this issue. OpenBSD's 'dhcpd' is a fork of ISC DHCPD and is also vulnerable.
Affected Products
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- Debian Linux 4.0
- Debian Linux 4.0 Alpha
- Debian Linux 4.0 Amd64
- Debian Linux 4.0 Arm
- Debian Linux 4.0 Hppa
- Debian Linux 4.0 Ia-32
- Debian Linux 4.0 Ia-64
- Debian Linux 4.0 M68k
- Debian Linux 4.0 Mips
- Debian Linux 4.0 Mipsel
- Debian Linux 4.0 Powerpc
- Debian Linux 4.0 S/390
- Debian Linux 4.0 Sparc
- ISC DHCPD 2.0
- ISC DHCPD 2.0.pl5
- OpenBSD 4.0
- OpenBSD 4.1
- OpenBSD 4.2
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Sun OpenSolaris Build Snv 01
- Sun OpenSolaris Build Snv 02
- Sun OpenSolaris Build Snv 100
- Sun OpenSolaris Build Snv 102
- Sun OpenSolaris Build Snv 13
- Sun OpenSolaris Build Snv 19
- Sun OpenSolaris Build Snv 22
- Sun OpenSolaris Build Snv 36
- Sun OpenSolaris Build Snv 39
- Sun OpenSolaris Build Snv 59
- Sun OpenSolaris Build Snv 64
- Sun OpenSolaris Build Snv 67
- Sun OpenSolaris Build Snv 68
- Sun OpenSolaris Build Snv 80
- Sun OpenSolaris Build Snv 85
- Sun OpenSolaris Build Snv 87
- Sun OpenSolaris Build Snv 88
- Sun OpenSolaris Build Snv 89
- Sun OpenSolaris Build Snv 90
- Sun OpenSolaris Build Snv 91
- Sun OpenSolaris Build Snv 92
- Sun OpenSolaris Build Snv 95
- Sun OpenSolaris Build Snv 96
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
- Sun Solaris 8 Sparc
- Sun Solaris 8 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
- Ubuntu Ubuntu Linux 6.10 Amd64
- Ubuntu Ubuntu Linux 6.10 I386
- Ubuntu Ubuntu Linux 6.10 Powerpc
- Ubuntu Ubuntu Linux 6.10 Sparc
- Ubuntu Ubuntu Linux 7.04 Amd64
- Ubuntu Ubuntu Linux 7.04 I386
- Ubuntu Ubuntu Linux 7.04 Powerpc
- Ubuntu Ubuntu Linux 7.04 Sparc
- Ubuntu Ubuntu Linux 7.10 Amd64
- Ubuntu Ubuntu Linux 7.10 I386
- Ubuntu Ubuntu Linux 7.10 Powerpc
- Ubuntu Ubuntu Linux 7.10 Sparc
References
- BugTraq: 25729
- BugTraq: 32213
- BugTraq: 25984
- CVE: CVE-2007-0063
- CVE: CVE-2008-5010
- CVE: CVE-2007-5365