ISC.DHCPD.Hostname.Format.String

description-logoDescription

This indicates a possible exploit of a format-string vulnerability in the logging function of ISC DHCPD daemon.
ISC DHCPD Daemons software is distributed in some Linux distribution packages. A format-string vulnerability is reported in its logging function that may allow an attacker to execute arbitrary code on a vulnerable system. By default the NSUPDATE option is enabled in the DHCP daemon, which is responsible for getting a DNS update from a DNS server if a DHCP request contains a DNS update. Due to a boundary check failure in the logging routines for dynamic DNS code (print.c), an attacker may send a malformed DNS response with a malicious format string in the hostname options, to cause a buffer overflow and execute arbitrary code on the vulnerable system with root privileges.

affected-products-logoAffected Products

ISC DHCPD 3.0.1 rc8 and earlier versions

Impact logoImpact

Compromise of the affected system.

recomended-action-logoRecommended Actions

Upgrade to ISC DHCPD 3.0.1 rc9 or later versions.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-12-14 13.509 Sig Added