Ubuntu: dhcp vulnerability USN-531-1

=========================================================== 
Ubuntu Security Notice USN-531-1           October 22, 2007
dhcp vulnerability
CVE-2007-5365
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  dhcp                            2.0pl5-19.4ubuntu0.1

Ubuntu 6.10:
  dhcp                            2.0pl5-19.4ubuntu1.1

Ubuntu 7.04:
  dhcp                            2.0pl5-19.5ubuntu2.1

Ubuntu 7.10:
  dhcp                            2.0pl5dfsg1-20ubuntu1.1

In general, a standard system upgrade is sufficient to affect the
necessary changes.

Details follow:

Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not
correctly handle certain client options.  A remote attacker could send
malicious DHCP replies to the server and execute arbitrary code.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:   108088 65d8b55c7a2cf3b6e8911056a092e0db
          Size/MD5:      691 f1a732d5c111aba4910303069f6aa0f6
          Size/MD5:   294909 ab22f363a7aff924e2cc9d1019a21498

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    47322 4620b7ef8ec75ef21fe8b2d4990ff84e
          Size/MD5:   109572 ae4230ce73a430d18bd1274fa0cd0ff2
          Size/MD5:    76716 df864b6ecdac9266e91cf7e01794aaf3
          Size/MD5:   115772 f66f7fe1612ca1c38072b70519d898a4

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    41260 90af57dae0621cb15f9389cd8225b0e2
          Size/MD5:   103718 08d499fafb459a9fd13c9fa64c12ae9c
          Size/MD5:    72888 59644d4f649ec20e46f98fa357820eb0
          Size/MD5:   110132 9a1a467805da579d4869c35b3fa44f91

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    43664 5d85efedbd7699d89c84658dfd620205
          Size/MD5:   106156 efc2601a3c3219e86acfad264c298448
          Size/MD5:    74832 cb32ac6094b116eaa64420bc12a1a9e5
          Size/MD5:   112400 2899bdf5de8a5f8db8ac5b107b04cd13

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    43838 1264a0021beb922b279fd148ebd18f91
          Size/MD5:   106504 9bc58bcfbbdc6269fd8b8546d8a1078e
          Size/MD5:    74992 1f0c12c080c5334c2d17707b84f59a32
          Size/MD5:   112920 0747d3bfa39eca0ce990cd1c91bded05

Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:   108319 99d45b58f0d45b24cbf582a6dc09febe
          Size/MD5:      691 246da5abd23374fc92915a1da5f409a6
          Size/MD5:   294909 ab22f363a7aff924e2cc9d1019a21498

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    48110 f5ade03dc424279fb4562f32f3770bd9
          Size/MD5:   110456 3c3c7354346154da564b6997a2c03481
          Size/MD5:    77384 12b64ebbb718a29b24ac93e729fdc792
          Size/MD5:   116878 be3c4c917864af7c3f7911240eb87858

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    42380 6b0867d73ac495955f4ab71332a75ab3
          Size/MD5:   104826 aec56d75db1269a016d00b0f03fcb7e2
          Size/MD5:    73808 38c69b79a7b527c0508dd1644a37ebeb
          Size/MD5:   111484 c74d1d467cc64f3d3af662a6ab868c70

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    44128 9780c236832ff454c75de577b7889627
          Size/MD5:   106778 e15e31a3d91867a33889e29d4d24bb33
          Size/MD5:    75418 b22ec8d4dbd261a9b3793c7df2291d37
          Size/MD5:   112946 a3aafd9d5d8280eef709e3a241bf6fdf

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    45206 9fb7dbfd703b3f7494edeb42f1f2c4e7
          Size/MD5:   107852 53bc29628c3dd183074ac11d57ae5cd8
          Size/MD5:    76094 57826859eeaa329872b6bcbd0a0da773
          Size/MD5:   114364 1f4df17a6567c53f82a712dc4838fca5

Updated packages for Ubuntu 7.04:

  Source archives:

          Size/MD5:   108856 9068ed213609edcf85c4980c0ba00531
          Size/MD5:      775 cd23dc91e2207d693e951b08f7bff7f9
          Size/MD5:   294909 ab22f363a7aff924e2cc9d1019a21498

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    48146 df821088116aa248287f2f05d2c619ac
          Size/MD5:   110738 22b189ebe9fde53c3b3760eb8ee6bcce
          Size/MD5:    77716 f3e609dea0e73a45777233e876a38599
          Size/MD5:   117196 1c8ad1e8a8720204a3f72aa4c3934222

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    42394 ebcd2e9142aff0ce87fc4fbee5716349
          Size/MD5:   105082 857bbb07db120408f3c0342e8dd3f927
          Size/MD5:    74170 8cd56d6b7a12fefa8c52681f590076c4
          Size/MD5:   111790 a267078b9ef14d4b1053741e8b4f5e7b

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    45206 8509b4de59aae12d1768ab6a3ad6e0d6
          Size/MD5:   108088 6306df51227c6b1d5e31945e1b59c1be
          Size/MD5:    76470 0a7e0f7552b855011ea4e6557b1bc0f8
          Size/MD5:   114224 146f3f882427b59efcb9257c006d23ff

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    45744 4313e2f1206796d1b4568cfc64a50400
          Size/MD5:   108526 80ec87d90d5c634b8a1a9dce2208e913
          Size/MD5:    76744 87a931b1cc4b626473e84aeef2332ddb
          Size/MD5:   115214 ee4b41ef734b1082d5914f26f6e3deb5

Updated packages for Ubuntu 7.10:

  Source archives:

          Size/MD5:    58237 62a723a12956ea2a0cbebd2ddb88c017
          Size/MD5:      734 654d981c06763f9ba838e06a913f0b73
          Size/MD5:   244890 0e1a88fe2e55c310f1a2f9150f4aeeee

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    48454 bb14a8a6e227be7a5071620ee6bfd808
          Size/MD5:   110786 c1c65b22cd31c395810f38b5d105e6ee
          Size/MD5:    77662 45a3380cb769ab8c0dc709b433373242
          Size/MD5:   117090 04e87824199b7bdc07fc3e14682a881f

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    42372 445ff45237987d32994ce823aca24919
          Size/MD5:   104780 a683c066ffc766001a74840698efe609
          Size/MD5:    73854 e49efeef6aa0f9d6119d85e71e0f4564
          Size/MD5:   111526 3f42b5e1f8efad5ba607426257729785

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    45202 0992269f31407f1347df3f8962ed5fa3
          Size/MD5:   107698 7e12ba208451b52ce4295f44be13b68b
          Size/MD5:    76184 a2ac17aaf17dcafbb1f8c0f618cc8f74
          Size/MD5:   113912 9d89c17a348b4ae9306544a70cb4c5d9

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    45794 39055cdaf1150aef796077d011f44d72
          Size/MD5:   108290 cddf5fe42de3e5cbb42da5d49a666f29
          Size/MD5:    76488 be38b6f1fe7d388765046abfb91ed156
          Size/MD5:   114870 11945b4e1a37e04fff0d2a496ebb9216


--pe+tqlI1iYzVj1X/
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHOrdH/9LqRcGPm0RAi15AJ9ID9z2gqJDKwzEEK9ZdcBXcYSVgACghC1A
a8UNQThh6Juoetgo8qal5kU=qpDZ
-----END PGP SIGNATURE-------pe+tqlI1iYzVj1X/--
--==============
Ubuntu: dhcp vulnerability USN-531-1

Summary

Update Instructions

References

Package Information

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
