ISC.DHCPD.Hostname.Format.String
Description
This indicates a possible exploit of a format-string vulnerability in the logging function of ISC DHCPD daemon.
ISC DHCPD Daemons software is distributed in some Linux distribution packages. A format-string vulnerability is reported in its logging function that may allow an attacker to execute arbitrary code on a vulnerable system. By default the NSUPDATE option is enabled in the DHCP daemon, which is responsible for getting a DNS update from a DNS server if a DHCP request contains a DNS update. Due to a boundary check failure in the logging routines for dynamic DNS code (print.c), an attacker may send a malformed DNS response with a malicious format string in the hostname options, to cause a buffer overflow and execute arbitrary code on the vulnerable system with root privileges.
Affected Products
ISC DHCPD 3.0.1 rc8 and earlier versions
Impact
Compromise of the affected system.
Recommended Actions
Upgrade to ISC DHCPD 3.0.1 rc9 or later versions.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-12-14 | 13.509 | Sig Added |