Re: ISC DHCPD NSUPDATE Buffer Overflow Vulnerabilities

From: Erick Mechler (emechler@techometer.net)
Date: 01/22/03


Date: Wed, 22 Jan 2003 14:32:15 -0800
From: Erick Mechler <emechler@techometer.net>
To: Andrés Vargas <elerrordlmilenio@hotmail.com>


:: The following advisory indicates FreeBSD 4.1-4.5 are affected.
::
:: http://securityresponse.symantec.com/avcenter/security/Content/6627.html
::
:: I have not seen any comments in this security list. Am I missing something?

DHCP isn't part of the base system, so FreeBSD is only vulnerable if you've
installed the port. A fix was committed to the ports tree 6 days ago by
Kris, updating the DHCP port to 3.0.1.r11. If you're using the DHCP port,
use your method of choice to upgrade.

  http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/isc-dhcp3/

Security advisories for 3rd party packages (i.e., ports) are issued in
bundles, and have the "FreeBSD-SN" prefix (SN == Security Notice). See
http://www.freebsd.org/security/#adv for more information.

Cheers - Erick
