CERT warns of DHCP vulnerabilities


Several potentially serious security flaws exist in the Internet Software Consortium's (ISC) Dynamic Host Configuration Protocol (DHCP) software.

In an internal audit, ISC found multiple buffer overflow flaws in versions 3.0 through 3.0.1RC10 of its DHCP software, according to the CERT Coordination Center (CERT/CC).

The flaws lie in the feature of ISC's DHCP server that updates a Domain Name System (DNS) server automatically (DNS dynamic update). An attacker could take over an affected system by sending a DHCP message containing an overly long host name, which overflows a fixed-size buffer in the code that handles that feature.
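The page does not say which routine in ISC's code overflowed, so the following is an added illustration, not ISC's code and not the actual bug: a DHCP Host Name option (option code 12, one-byte length field, so up to 255 bytes of name) copied into a fixed 64-byte buffer. The unsafe parser trusts the wire length and overruns the buffer for any name of 64 bytes or more; the hardened parser rejects anything that does not fit rather than truncating silently. The option encoding and the sample inputs are constructed here for the example.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* DHCP option 12 is "Host Name": one byte code, one byte length, then the
 * name bytes. The length field can be anything up to 255, so a receiver
 * holding the name in a fixed buffer must check it before copying.
 * NAME_BUF is an assumed buffer size chosen for this example. */
#define DHO_HOST_NAME 12
#define NAME_BUF 64

/* Vulnerable pattern: trusts the attacker-controlled length and copies into
 * a fixed-size buffer. Any name of NAME_BUF bytes or more writes past 'out'. */
static int parse_host_name_unsafe(const uint8_t *opt, size_t optlen, char *out /* NAME_BUF bytes */)
{
    if (optlen < 2 || opt[0] != DHO_HOST_NAME) return -1;
    size_t len = opt[1];
    if (optlen < 2 + len) return -1;          /* option truncated on the wire */
    memcpy(out, opt + 2, len);                /* no bound on len: overflow */
    out[len] = '\0';
    return (int)len;
}

/* Hardened version: the caller passes the real buffer size and any name that
 * would not fit (including its terminator) is rejected with a distinct code. */
static int parse_host_name_safe(const uint8_t *opt, size_t optlen, char *out, size_t outsz)
{
    if (outsz == 0 || optlen < 2 || opt[0] != DHO_HOST_NAME) return -1;
    size_t len = opt[1];
    if (optlen < 2 + len) return -1;          /* option truncated on the wire */
    if (len >= outsz) return -2;              /* would overflow: reject, do not truncate */
    memcpy(out, opt + 2, len);
    out[len] = '\0';
    return (int)len;
}

/* Constructed helper: encode a Host Name option of name_len bytes filled with
 * 'fill' into buf. Returns the encoded length, or 0 if it cannot be built. */
static size_t build_host_name_option(uint8_t *buf, size_t bufsz, size_t name_len, char fill)
{
    if (name_len > 255 || bufsz < 2 + name_len) return 0;
    buf[0] = DHO_HOST_NAME;
    buf[1] = (uint8_t)name_len;
    memset(buf + 2, fill, name_len);
    return 2 + name_len;
}

/* Run the hardened parser on a constructed option of the given name length
 * against a NAME_BUF-byte buffer and return its result code. */
static int demo_safe_parse(size_t name_len)
{
    uint8_t opt[2 + 255];
    char name[NAME_BUF];
    size_t n = build_host_name_option(opt, sizeof opt, name_len, 'a');
    if (n == 0) return -99;
    return parse_host_name_safe(opt, n, name, sizeof name);
}

int main(void)
{
    printf("10-byte name:  %d\n", demo_safe_parse(10));   /* accepted, returns 10 */
    printf("63-byte name:  %d\n", demo_safe_parse(63));   /* accepted, fills the buffer exactly */
    printf("64-byte name:  %d\n", demo_safe_parse(64));   /* rejected: no room for terminator */
    printf("200-byte name: %d\n", demo_safe_parse(200));  /* rejected */
    /* parse_host_name_unsafe() with the 200-byte option would write 137 bytes
     * past the end of a NAME_BUF-byte stack buffer; it is deliberately not run. */
    return 0;
}
```

The length check is the whole fix: the DHCP length byte is attacker-controlled and unauthenticated, so it is input to be validated, not a trusted size. Returning a distinct error for "too long" rather than truncating keeps the server from silently registering a mangled name in DNS.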

The ISC DHCP software ships as part of products from Red Hat and SuSE Linux; whether other vendors' products are affected is still unknown for many of them. Red Hat already has a patch available, while SuSE is working on a software update.

DHCP software is used to assign users Internet Protocol (IP) addresses automatically when they join a network. Typically a DHCP server is not reachable from outside the organisation, which limits the threat from remote attackers; DHCP messages are unauthenticated, however, so any host on a network segment the server serves (directly or through a relay) can send it a crafted message.

ISC, which also provides the widely used BIND (Berkeley Internet Name Domain) DNS software, has released an update fixing the DHCP flaws. CERT maintains a list of suppliers whose software could contain the ISC software and may also be vulnerable.

The CERT advisory is at: www.cert.org/advisories/CA-2003-01.html
