Vulnerability Description
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ISC | DHCP | 2.0 |
Related Weaknesses (CWE)
References
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-010.txt.asc
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00003.html
- http://secunia.com/advisories/35785 (Vendor Advisory)
- http://secunia.com/advisories/35829
- http://secunia.com/advisories/35830
- http://secunia.com/advisories/35831
- http://secunia.com/advisories/35832
- http://secunia.com/advisories/35841
- http://secunia.com/advisories/35849
- http://secunia.com/advisories/35850
- http://secunia.com/advisories/35851
- http://secunia.com/advisories/35880
- http://secunia.com/advisories/36457
- http://secunia.com/advisories/37342
FAQ
What is CVE-2009-0692?
CVE-2009-0692 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP serv...
How severe is CVE-2009-0692?
CVE-2009-0692 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2009-0692?
Check the references section above for vendor advisories and patch information. Affected products include: ISC DHCP.