New versions 2.0pl1 and 3.0b1pl14 fix client vulnerability

Ted Lemon Ted.Lemon at
Sat Jun 24 09:23:22 UTC 2000

  *** From dhcp-announce -- To unsubscribe, see the end of this message. ***

The folks at OpenBSD discovered a rather stupid mistake in the client
which leaves it vulnerable to a root attack by a corrupt DHCP server.
I have just cut new versions of 2.0 and 3.0b1 that fix these
vulnerabilities.   If you are using the ISC DHCP client, we strongly
urge you to upgrade.   The ISC DHCP server is not affected by this


To unsubscribe from this list, visit
or send mail to dhcp-announce-request at with the subject line of

More information about the dhcp-announce mailing list