Return-Path: owner-freebsd-security@FreeBSD.ORG
Message-Id: <200006241941.e5OJfu956111@cwsys.cwsent.com>
Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys"
 via SMTP by localhost.cwsent.com, id smtpdJ56107; Sat Jun 24 12:41:35 2000
X-Mailer: exmh version 2.1.1 10/15/1999
Reply-To: Cy Schubert - ITSD Open Systems Group
From: Cy Schubert - ITSD Open Systems Group
X-OS: FreeBSD 4.0-STABLE
X-Sender: cy
To: freebsd-security@FreeBSD.ORG
Subject: Possible root exploit in ISC DHCP client. (fwd)
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sat, 24 Jun 2000 12:41:34 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

A quick fix to this problem, until dhclient in the base CVS tree can be
patched, is as follows:

1. Rename or remove /usr/src/contrib/isc-dhcp
2. fetch dhcp-2.0pl1.tar.gz and extract it into /usr/src/contrib
3. cd /usr/src/contrib && ln -s dhcp-2.0pl1 isc-dhcp
4. cd /usr/src/sbin/dhclient && make && make install clean
5. restart dhclient or reboot

It would probably be a good idea to update the isc-dhcp2 and isc-dhcp3
ports.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC

------- Forwarded Message

[audit trail deleted]

Approved-By: aleph1@SECURITYFOCUS.COM
Message-ID: <200006240928.CAA06592@grosse.bisbee.fugue.com>
Date: Sat, 24 Jun 2000 02:28:58 -0700
Reply-To: Ted Lemon
Sender: Bugtraq List
From: Ted Lemon
Subject: Possible root exploit in ISC DHCP client.
To: BUGTRAQ@SECURITYFOCUS.COM
Resent-To: cy@passer.osg.gov.bc.ca
Resent-Date: Sat, 24 Jun 2000 12:15:21 -0700
Resent-From: Cy Schubert

Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP
client. This exploit is present in all versions of the ISC DHCP client
prior to 2.0pl1 and 3.0b1pl14, which I just released this evening.
Anybody who is using versions of the ISC DHCP client other than these is
strongly urged to upgrade. I would appreciate it if the OpenBSD people
would take a look at the new version to see if they believe it is a
complete fix, and let me know if it isn't. In any case, thanks for
catching the error!

I'm sorry I'm being so vague about how this got found, but I don't have
time to read bugtraq anymore, so I was notified roughly fourth-hand.

The ISC DHCP distribution is available at ftp://ftp.isc.org/isc/DHCP,
and anonymous CVS at http://www.isc.org/products/DHCP/anoncvs.html.
The head of the tree in anonymous CVS also contains the fix.

                               _MelloN_

------- End of Forwarded Message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message