DHCP server can take over client

Posted by Scott_Ruecker on Jul 16, 2009 2:45 AM EDT
Heise		Mail this story
Print this story

Specially crafted DHCP servers can take control of a PC if the PC is running the DHCP client supplied by the Internet Systems Consortium (ISC) (dhclient). This is the default set-up in Ubuntu, BSD and many other Linux distributions. According to an ISC advisory, the vulnerability is based on a buffer overflow that allows attackers to inject arbitrary code into a system and execute it at root level. The buffer overflow can be triggered in the script_write_params method using excessively long server-supplied subnet masks.

Full Story

  Nav
» Read more about: Groups: Ubuntu, Linux; Story Type: News Story

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
Patched in a day Sander_Marechal 5 670 Jul 16, 2009 11:03 AM

You cannot post until you login.