
CVE-2009-0692

Published: 14/07/2009 Updated: 29/09/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 prior to 4.1.0p1, 4.0 prior to 4.0.1p1, 3.1 prior to 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.

Vulnerable Product

isc dhcp 3.0

isc dhcp 3.1

isc dhcp 2.0

isc dhcp 4.1.0

isc dhcp 4.0

Vendor Advisories

Synopsis: Critical: dhcp security update. Type/Severity: Security Advisory: Critical. Topic: Updated dhcp packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 4.7 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Respons ...
Synopsis: Critical: dhcp security update. Type/Severity: Security Advisory: Critical. Topic: Updated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Description ...
It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the p ...
USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service. Additionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhc ...
Several remote vulnerabilities have been discovered in ISC's DHCP implementation. CVE-2009-0692: It was discovered that dhclient does not properly handle overlong subnet mask options, leading to a stack-based buffer overflow and possible arbitrary code execution. CVE-2009-1892: Christoph Biedl discovered that the DHCP server may terminate when recei ...

Exploits

/* * cve-2009-0692.c * * ISC DHCP dhclient < 3.1.2p1 Remote Exploit * Jon Oberheide <jon@oberheide.org> * jon.oberheide.org * * Information: * * cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 * * Stack-based buffer overflow in the script_write_params method in * client/dhclient.c in ISC DHCP dhclie ...
ISC DHCP dhclient versions below 3.1.2p1 remote buffer overflow proof of concept exploit ...
ISC DHCP dhclient scripts_write_params() stack buffer overflow exploit ...

References

CWE-119
https://www.isc.org/node/468
http://security.gentoo.org/glsa/glsa-200907-12.xml
http://secunia.com/advisories/35785
http://www.kb.cert.org/vuls/id/410676
http://www.osvdb.org/55819
http://www.redhat.com/support/errata/RHSA-2009-1136.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:151
http://secunia.com/advisories/35829
http://www.redhat.com/support/errata/RHSA-2009-1154.html
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-010.txt.asc
http://secunia.com/advisories/35880
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561471
https://bugzilla.redhat.com/show_bug.cgi?id=507717
http://www.securitytracker.com/id?1022548
http://secunia.com/advisories/35830
http://www.vupen.com/english/advisories/2009/1891
http://secunia.com/advisories/35832
http://www.debian.org/security/2009/dsa-1833
http://secunia.com/advisories/35850
http://secunia.com/advisories/35849
http://secunia.com/advisories/35841
http://secunia.com/advisories/35851
https://www.isc.org/downloadables/12
http://www.securityfocus.com/bid/35668
http://www.ubuntu.com/usn/usn-803-1
http://secunia.com/advisories/35831
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00003.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.html
http://secunia.com/advisories/36457
http://secunia.com/advisories/37342
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00340.html
http://secunia.com/advisories/40551
http://www.vupen.com/english/advisories/2010/1796
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5941
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10758
https://access.redhat.com/errata/RHSA-2009:1136
https://nvd.nist.gov
https://usn.ubuntu.com/803-1/
https://www.exploit-db.com/exploits/9265/
https://www.kb.cert.org/vuls/id/410676