|
|
Family: Debian Local Security Checks --> Category: infos
[DSA584] DSA-584-1 dhcp Vulnerability Scan
Vulnerability Scan Summary
DSA-584-1 dhcp
Detailed Explanation for this Vulnerability Test
"infamous41md" noticed that the log functions in dhcp 2.x, which is
still distributed in the stable Debian release, contained pass
parameters to function that use format strings. One use seems to be
exploitable in connection with a malicious DNS server.
For the stable distribution (woody) these problems have been fixed in
version 2.0pl5-11woody1.
For the unstable distribution (sid) these problems have been fixed in
version 2.0pl5-19.1.
We recommend that you upgrade your dhcp package.
Solution : http://www.debian.org/security/2004/dsa-584
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
