Widely used DHCP Systems Vulnerable
New vulnerability has been discovered in the open source Internet Systems Consortium DHCP server. This vulnerability allows a remote attacker to execute a malicious code on victim’s computer.
All versions prior to 3.1-ESV-R1, 4.1-ESV-R2 and 4.2.1-P1 are affected by this bug as they do not strip or escape certain shell meta-characters in responses from the dhcp server (like hostname) before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client.
ISC recommends users to upgrade their system and as a workaround to disable hostname update by setting DHCLIENT_SET_HOSTNAME=”no” in /etc/sysconfig/network/dhcp on SUSE.
Other systems may add following line to dhclient-script at the beginning of the set_hostname() function:
new_host_name=${new_host_name//[^-.a-zA-Z0-9]/}
In environments where filters/acls can be put into place to limit clients to accessing only legitimate dhcp servers, this will protect clients
from rogue dhcp servers deliberately trying to exploit this bug. However, this will not protect from compromised servers.
make sure you subscribe to my RSS feed!
RT @sectechno: Widely used DHCP Systems Vulnerable http://bit.ly/g7RIvu #security #infosec
@SGgrc Widely used DHCP systems vulnerable: http://goo.gl/pIZV0
RT @MBenLakhoua: RT @sectechno: Widely used DHCP Systems Vulnerable http://bit.ly/g7RIvu #security #infosec
Widely used DHCP Systems Vulnerable: New vulnerability has been discovered in the open source Internet Systems C… http://bit.ly/ifTomC
RT @sectechno: Widely used DHCP Systems Vulnerable http://bit.ly/g7RIvu #security #infosec
Widely used DHCP Systems Vulnerable: New #vulnerability has been discovered in the open… http://goo.gl/fb/i6SHe
#security Widely used DHCP Systems Vulnerable http://dlvr.it/MpD97 #infosec
#security Widely used DHCP Systems Vulnerable http://dlvr.it/MpD97 #infosec
#security Widely used DHCP Systems Vulnerable http://dlvr.it/MpD8D #infosec
RT @sectechno: Widely used DHCP Systems Vulnerable http://bit.ly/g7RIvu #security #infosec
Widely used DHCP Systems Vulnerable http://bit.ly/ffQi4E
Widely used DHCP Systems Vulnerable: New vulnerability has been discovered in the open source Internet Systems C… http://bit.ly/ifTomC