Stack-Based Buffer Overflow in ISC DHCP Client Software
CVE-2009-0692

Currently unrated

Key Information:

Vendor: ISC

CVE Published: 14 July 2009

What is CVE-2009-0692?

A stack-based buffer overflow exists in the script_write_params function of the ISC DHCP client, dhclient. A remote DHCP server can send a specially crafted subnet-mask option that can lead to the execution of arbitrary code on affected systems. Versions prior to 4.1.0p1, 4.0.1p1, and 3.1.2p1, as well as some older versions, are vulnerable, which poses a significant security risk for users and organizations that rely on this software for dynamic host configuration.

EPSS Score

28% chance of being exploited in the next 30 days.
