DSA 584-1: New dhcp packages fix format string vulnerability
Posted on: 11/04/2004 03:43 PM

New dhcp packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 584-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 4th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : dhcp
Vulnerability : format string vulnerability
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1006

"infamous41md" noticed that the log functions in dhcp 2.x, which is still distributed in the stable Debian release, contained pass parameters to function that use format strings. One use seems to be exploitable in connection with a malicious DNS server.

For the stable distribution (woody) these problems have been fixed in version 2.0pl5-11woody1.

For the unstable distribution (sid) these problems have been fixed in version 2.0pl5-19.1.

We recommend that you upgrade your dhcp package.

Upgrade Instructions
---------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
---------------------------------

Source archives:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1.dsc
Size/MD5 checksum: 683 9fbc12c28d4c973fc85157331c26aae5
http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1.diff.gz
Size/MD5 checksum: 48678 11af0bf9045654e302da7704d856ead4
http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5.orig.tar.gz
Size/MD5 checksum: 294909 ab22f363a7aff924e2cc9d1019a21498

Alpha architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_alpha.deb
Size/MD5 checksum: 230656 6c7c2c912063527503ca64b59e3a58ac
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_alpha.deb
Size/MD5 checksum: 215658 24dabab111aec962caacf5a793d15338
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_alpha.deb
Size/MD5 checksum: 159940 a447290821e3737d567c5949f7ca9966

ARM architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_arm.deb
Size/MD5 checksum: 211188 636b1709fbb6cea278b4248130e320c0
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_arm.deb
Size/MD5 checksum: 198582 e0efe5b93e0ecbc34caec0c7a15c9700
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_arm.deb
Size/MD5 checksum: 148746 0ce691f9f921277d9b526161921999c3

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_i386.deb
Size/MD5 checksum: 204550 9dd0affebf04890280d57cc27221d12c
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_i386.deb
Size/MD5 checksum: 192092 8f70ab57e89a22dd7b9ce5c1d9f51a35
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_i386.deb
Size/MD5 checksum: 144962 c03163e469f7477f4479d2400a16ea5e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_ia64.deb
Size/MD5 checksum: 295214 483b1ad144c76ac994c3db46d0dce32f
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_ia64.deb
Size/MD5 checksum: 277702 31597876b5623a7d1b24b28db3fc4e55
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_ia64.deb
Size/MD5 checksum: 197380 00747f82e74e9b8856b9676d9c14124f

HP Precision architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_hppa.deb
Size/MD5 checksum: 209292 317aeeacb930a39d7d2dc5e59c532f3a
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_hppa.deb
Size/MD5 checksum: 197714 4ba10395c93aae31d4c27fa193964a65
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_hppa.deb
Size/MD5 checksum: 149114 322771b83583570cd6f350ba6a1e4b0f

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_m68k.deb
Size/MD5 checksum: 200208 c931a802045b2be93488bd45b6dc4eed
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_m68k.deb
Size/MD5 checksum: 188024 d25022b06425b4717d7e884fe44403d2
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_m68k.deb
Size/MD5 checksum: 143126 dd38b9e0ea2ecd5455e3c506e259d41a

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_mips.deb
Size/MD5 checksum: 217844 fa15e8387bb50f9011f8bda8110bc0e6
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_mips.deb
Size/MD5 checksum: 205468 36b92f32880cc70bb1ce7277f393df0e
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_mips.deb
Size/MD5 checksum: 154020 cb8cd4947dbfc2b65991095e8a35c36f

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_mipsel.deb
Size/MD5 checksum: 217290 67f7e6c6d879b533936f70711ee48c4c
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_mipsel.deb
Size/MD5 checksum: 204742 5c654f6cb04582739fc3aa445a865243
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_mipsel.deb
Size/MD5 checksum: 153376 0672d189292961527c0d06b14db6f781

PowerPC architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_powerpc.deb
Size/MD5 checksum: 205052 fe96048ef94b2a8b99fa54539b0455b5
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_powerpc.deb
Size/MD5 checksum: 192580 94c021c9da018495aa462d27e3078bb1
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_powerpc.deb
Size/MD5 checksum: 145924 2a95b2aad76a2578e7ade66f65e39f33

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_s390.deb
Size/MD5 checksum: 207858 8770a183836bc33dd38f78375b47dca7
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_s390.deb
Size/MD5 checksum: 195460 c7ea6dfb54bad5e2855f774cdc40cb8d
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_s390.deb
Size/MD5 checksum: 148234 b6b2b6feb6477ad485c9f5a3145c9da1

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_sparc.deb
Size/MD5 checksum: 212454 185e57de8c23336e25b50251e42ea317
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_sparc.deb
Size/MD5 checksum: 200980 4f8eadd993129822ebc700348d10f7d8
http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_sparc.deb
Size/MD5 checksum: 153904 8cb3d4a775bedaf06bdbaea21f765448


These files will probably be moved into the stable distribution on its next update.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/dsa_584_1_new_dhcp_packages_fix_format_string_vulnerability.html)