Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2004.0708 -- Debian Security Advisory DSA 584-1 New dhcp packages fix format string vulnerability 5 November 2004 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: dhcp 2.x Publisher: Debian Operating System: Debian GNU/Linux 3.0 Linux variants UNIX variants Impact: Execute Arbitrary Code/Commands Access: Remote/Unauthenticated CVE Names: CAN-2004-1006 Original Bulletin: http://www.debian.org/security/2004/dsa-584 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------------- Debian Security Advisory DSA 584-1 security@debian.org http://www.debian.org/security/ Martin Schulze November 4th, 2004 http://www.debian.org/security/faq - - -------------------------------------------------------------------------- Package : dhcp Vulnerability : format string vulnerability Problem-Type : remote Debian-specific: no CVE ID : CAN-2004-1006 "infamous41md" noticed that the log functions in dhcp 2.x, which is still distributed in the stable Debian release, contained pass parameters to function that use format strings. One use seems to be exploitable in connection with a malicious DNS server. For the stable distribution (woody) these problems have been fixed in version 2.0pl5-11woody1. For the unstable distribution (sid) these problems have been fixed in version 2.0pl5-19.1. We recommend that you upgrade your dhcp package. Upgrade Instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1.dsc Size/MD5 checksum: 683 9fbc12c28d4c973fc85157331c26aae5 http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1.diff.gz Size/MD5 checksum: 48678 11af0bf9045654e302da7704d856ead4 http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5.orig.tar.gz Size/MD5 checksum: 294909 ab22f363a7aff924e2cc9d1019a21498 Alpha architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_alpha.deb Size/MD5 checksum: 230656 6c7c2c912063527503ca64b59e3a58ac http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_alpha.deb Size/MD5 checksum: 215658 24dabab111aec962caacf5a793d15338 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_alpha.deb Size/MD5 checksum: 159940 a447290821e3737d567c5949f7ca9966 ARM architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_arm.deb Size/MD5 checksum: 211188 636b1709fbb6cea278b4248130e320c0 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_arm.deb Size/MD5 checksum: 198582 e0efe5b93e0ecbc34caec0c7a15c9700 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_arm.deb Size/MD5 checksum: 148746 0ce691f9f921277d9b526161921999c3 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_i386.deb Size/MD5 checksum: 204550 9dd0affebf04890280d57cc27221d12c http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_i386.deb Size/MD5 checksum: 192092 8f70ab57e89a22dd7b9ce5c1d9f51a35 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_i386.deb Size/MD5 checksum: 144962 c03163e469f7477f4479d2400a16ea5e Intel IA-64 architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_ia64.deb Size/MD5 checksum: 295214 483b1ad144c76ac994c3db46d0dce32f http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_ia64.deb Size/MD5 checksum: 277702 31597876b5623a7d1b24b28db3fc4e55 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_ia64.deb Size/MD5 checksum: 197380 00747f82e74e9b8856b9676d9c14124f HP Precision architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_hppa.deb Size/MD5 checksum: 209292 317aeeacb930a39d7d2dc5e59c532f3a http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_hppa.deb Size/MD5 checksum: 197714 4ba10395c93aae31d4c27fa193964a65 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_hppa.deb Size/MD5 checksum: 149114 322771b83583570cd6f350ba6a1e4b0f Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_m68k.deb Size/MD5 checksum: 200208 c931a802045b2be93488bd45b6dc4eed http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_m68k.deb Size/MD5 checksum: 188024 d25022b06425b4717d7e884fe44403d2 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_m68k.deb Size/MD5 checksum: 143126 dd38b9e0ea2ecd5455e3c506e259d41a Big endian MIPS architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_mips.deb Size/MD5 checksum: 217844 fa15e8387bb50f9011f8bda8110bc0e6 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_mips.deb Size/MD5 checksum: 205468 36b92f32880cc70bb1ce7277f393df0e http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_mips.deb Size/MD5 checksum: 154020 cb8cd4947dbfc2b65991095e8a35c36f Little endian MIPS architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_mipsel.deb Size/MD5 checksum: 217290 67f7e6c6d879b533936f70711ee48c4c http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_mipsel.deb Size/MD5 checksum: 204742 5c654f6cb04582739fc3aa445a865243 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_mipsel.deb Size/MD5 checksum: 153376 0672d189292961527c0d06b14db6f781 PowerPC architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_powerpc.deb Size/MD5 checksum: 205052 fe96048ef94b2a8b99fa54539b0455b5 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_powerpc.deb Size/MD5 checksum: 192580 94c021c9da018495aa462d27e3078bb1 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_powerpc.deb Size/MD5 checksum: 145924 2a95b2aad76a2578e7ade66f65e39f33 IBM S/390 architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_s390.deb Size/MD5 checksum: 207858 8770a183836bc33dd38f78375b47dca7 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_s390.deb Size/MD5 checksum: 195460 c7ea6dfb54bad5e2855f774cdc40cb8d http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_s390.deb Size/MD5 checksum: 148234 b6b2b6feb6477ad485c9f5a3145c9da1 Sun Sparc architecture: http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-11woody1_sparc.deb Size/MD5 checksum: 212454 185e57de8c23336e25b50251e42ea317 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-11woody1_sparc.deb Size/MD5 checksum: 200980 4f8eadd993129822ebc700348d10f7d8 http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-11woody1_sparc.deb Size/MD5 checksum: 153904 8cb3d4a775bedaf06bdbaea21f765448 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBimbIW5ql+IAeqTIRAvvHAJwP0/wgsE7/1UB9WNApOShda4X4UwCgl1l+ RLloUIuoWFERWLbeQ21KcHE= =n41j - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQYrhtih9+71yA2DNAQLuEgP/YT4TtAl63Kr5PVDHz8Ne7gZcaWsSHKop Oyx5xIr7/HSvjSKYBfVtXJ50RVTbW+I9FhoQYC69kTYBnED7w4uA6wtkf71oKVeL A7HvnHBZWwEXiWKche07e5jMq6Dbds6nqaQnrrMXsEj+obWOzH45bL/+bnkyU3Po mTibwL4UQFc= =eFYo -----END PGP SIGNATURE-----