1. Ubuntu Security Notices
  2. USN-531-1

USN-531-1: dhcp vulnerability

Publication date

22 October 2007

Overview

dhcp vulnerability

Releases

Packages

Details

Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not
correctly handle certain client options. A remote attacker could send
malicious DHCP replies to the server and execute arbitrary code.

Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not
correctly handle certain client options. A remote attacker could send
malicious DHCP replies to the server and execute arbitrary code.

Update instructions

In general, a standard system upgrade is sufficient to effect the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
7.10 gutsy dhcp –  2.0pl5dfsg1-20ubuntu1.1
7.04 feisty dhcp –  2.0pl5-19.5ubuntu2.1
6.10 edgy dhcp –  2.0pl5-19.4ubuntu1.1
6.06 dapper dhcp –  2.0pl5-19.4ubuntu0.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›