ISC DHCP: Denial of Service — GLSA 201301-06

Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service.

Affected Packages

net-misc/dhcp on all architectures
Affected versions < 4.2.4_p2
Unaffected versions >= 4.2.4_p2

Background

ISC DHCP is a Dynamic Host Configuration Protocol (DHCP) client/server.

Description

Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details.

Impact

The vulnerabilities might allow remote attackers to execute arbitrary code or cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All ISC DHCP users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.2.4_p2"
 

References

Release Date
January 09, 2013

Latest Revision
January 09, 2013: 1

Severity
normal

Exploitable
remote

Bugzilla entries