ISC DHCP 4.1.1-P1 is now available
Shawn Routhier
sar at isc.org
Wed Jun 2 02:17:52 UTC 2010
ISC DHCP 4.1.1-P1 is now available for download.
This is a patch release of ISC DHCP 4.1.1, which contains a pair of
bug fixes, including one for a security-related bug. The security
advisory is included below.
A list of the changes in this release has been appended to the end
of this message. For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:
http://www.isc.org/software/dhcp
This release and its OpenPGP signatures are available now from:
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1.tar.gz.sha512.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1.tar.gz.sha1.asc
ISC's Release Signing Key can be obtained at:
http://www.isc.org/about/openpgp/
Internet Systems Consortium Security Advisory
DHCP: Fencepost error on zero-length client identifier
1 June 2010
Short Description:
A request from a client containing a zero length client id will cause
the server to exit.
CVE: TBD
CERT: VU#541921
Posting date: June 1, 2010
Program Impacted: DHCP
Versions affected: 4.0.x, 4.1.x, 4.2.x.
Severity: High
Exploitable: remotely
Impact:
The DHCP server will exit upon receipt of a request containing a zero
length client ID, necessitating a restart.
Workarounds: Some defense against this may be achieved by restricting
packets to servers, but only an upgrade provides a complete solution.
Active exploits: None known at this time.
Solution:
Upgrade DHCP to one of the following: 4.1.1-P1 or 4.0.2-P1
There are no plans for fixes for affected versions of DHCP previous to
4.1.1 and 4.0.2 of the 4.x branches, and please note that version 3.1.x
is not affected.
The patch will be included in the next beta release for 4.2.0.
Questions should be addressed to dhcp-bugs at isc.org
Partial release notes for this version.
Changes since 4.1.1
- A bug was fixed that could cause the DHCPv6 server to
advertise/assign a previously allocated (active) lease to a client
that has changed subnets, despite being on different shared
networks. Dynamic prefixes specifically allocated in shared networks
also now are not offered if the client has moved. [ISC-Bugs #21152]
! Accept a client id of length 0 while hashing. Previously the server
would exit if it attempted to hash a zero length client id, providing
attackers with a simple denial of service attack. [ISC-Bugs #21253]
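
Added example, not part of the original announcement and not ISC code: a defensive check that walks the options of a DHCPv4 message and reports whether the client identifier is absent, well formed, zero-length or truncated, for use when inspecting captured traffic for the condition the advisory describes. It assumes "client id" means DHCPv4 option 61 (RFC 2132); the function names and sample packets are constructed for illustration.

```python
# Assumption: the advisory's "client id" is DHCPv4 option 61 (RFC 2132).
# Options carried in sname/file via option overload (52) are not followed.
MAGIC_COOKIE = b"\x63\x82\x53\x63"        # RFC 2131 cookie preceding the options
OPTIONS_OFFSET = 236 + len(MAGIC_COOKIE)  # fixed BOOTP header is 236 bytes
OPT_PAD, OPT_CLIENT_ID, OPT_END = 0, 61, 255

def walk_options(payload):
    """Yield (code, value) for each DHCPv4 option; raise ValueError if malformed."""
    if len(payload) < OPTIONS_OFFSET or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCPv4 message")
    i = OPTIONS_OFFSET
    while i < len(payload):
        code = payload[i]
        i += 1
        if code == OPT_PAD:      # single-byte option, no length field
            continue
        if code == OPT_END:      # single-byte terminator
            return
        if i >= len(payload):
            raise ValueError("option %d has no length byte" % code)
        length = payload[i]
        i += 1
        if i + length > len(payload):
            raise ValueError("option %d overruns the packet" % code)
        yield code, payload[i:i + length]
        i += length

def check_client_id(payload):
    """Classify the client identifier: 'absent', 'ok', 'zero-length' or 'malformed'."""
    try:
        for code, value in walk_options(payload):
            if code == OPT_CLIENT_ID:
                return "zero-length" if len(value) == 0 else "ok"
    except ValueError:
        return "malformed"
    return "absent"

def build_sample(options):
    """Constructed test input: an all-zero BOOTP header plus the given option bytes."""
    return bytes(236) + MAGIC_COOKIE + options

# Constructed samples (not captured traffic); option 53 value 3 = DHCPREQUEST.
NORMAL = build_sample(b"\x35\x01\x03" + b"\x3d\x07\x01\x00\x11\x22\x33\x44\x55" + b"\xff")
EMPTY_ID = build_sample(b"\x35\x01\x03" + b"\x3d\x00" + b"\xff")
TRUNCATED = build_sample(b"\x35\x01\x03" + b"\x3d\x07\x01\x00")

if __name__ == "__main__":
    for name, pkt in (("normal", NORMAL), ("empty id", EMPTY_ID), ("truncated", TRUNCATED)):
        print(name, "->", check_client_id(pkt))
```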