SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME

Network Security Consulting Advisories Article

ISC DHCP Regular Expressions Denial of Service Vulnerability

http://www.securityfocus.com/bid/50971

Security Info

Bugtraq ID:	50971
Class:	Unknown
CVE:	CVE-2011-4539
Remote:	Yes
Local:	No
Published:	Dec 07 2011 12:00AM
Updated:	Aug 06 2012 06:12AM
Credit:	BlueCat Networks
Vulnerable:	Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Red Hat Fedora 16 Red Hat Fedora 15 Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 ISC DHCP Server 4.2.2 ISC DHCP Server 4.2.1 ISC DHCP Server 4.0.2 ISC DHCP Server 4.2.1b1 ISC DHCP Server 4.2.0-P2 ISC DHCP Server 4.2.0-P1 ISC DHCP Server 4.2 ISC DHCP Server 4.1-ESV-R3 ISC DHCP Server 4.1-ESV-R1 ISC DHCP Server 4.1 ISC DHCP Server 4.0 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Avaya Aura Experience Portal 6.0 + Avaya Communication Manager Server DEFINITY Server SI/CS + Avaya Communication Manager Server S8100 + Avaya Communication Manager Server S8300 + Avaya Communication Manager Server S8500 + Avaya Communication Manager Server S8700 Avaya 96x1 IP Deskphone 6

Not Vulnerable:	ISC DHCP Server 4.2.3-P1 ISC DHCP Server 4.1-ESV-R4

Security Discussion

ISC DHCP is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause the affected application to crash, resulting in a denial-of-service condition.

ISC DHCP versions prior to 4.1-ESV-R4 and 4.2.3-P1 are affected.

Proof of Concept and Security Exploits

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

MandrakeSoft Enterprise Server 5 x86_64

Mandriva dhcp-client-4.1.2-0.6mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-common-4.1.2-0.6mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-devel-4.1.2-0.6mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-doc-4.1.2-0.6mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-relay-4.1.2-0.6mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-server-4.1.2-0.6mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

MandrakeSoft Enterprise Server 5

Mandriva dhcp-client-4.1.2-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-common-4.1.2-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-devel-4.1.2-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-doc-4.1.2-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-relay-4.1.2-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-server-4.1.2-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2010.1 x86_64

Mandriva dhcp-client-4.1.2-0.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-common-4.1.2-0.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-devel-4.1.2-0.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-doc-4.1.2-0.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-relay-4.1.2-0.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-server-4.1.2-0.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2010.1

Mandriva dhcp-client-4.1.2-0.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-common-4.1.2-0.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-devel-4.1.2-0.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-doc-4.1.2-0.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-relay-4.1.2-0.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-server-4.1.2-0.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2011 x86_64

Mandriva dhcp-client-4.2.1-0.P1.2.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-common-4.2.1-0.P1.2.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-devel-4.2.1-0.P1.2.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-doc-4.2.1-0.P1.2.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-relay-4.2.1-0.P1.2.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-server-4.2.1-0.P1.2.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2011

Mandriva dhcp-client-4.2.1-0.P1.2.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-common-4.2.1-0.P1.2.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-devel-4.2.1-0.P1.2.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-doc-4.2.1-0.P1.2.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-relay-4.2.1-0.P1.2.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva dhcp-server-4.2.1-0.P1.2.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Security References(s)

References:

Product Homepage (ISC)
ASA-2011-415 dhcp security update (RHSA-2011-1819) (avaya)
ASA-2012-023 Wind River Linux DHCP Security Update (WIND00322935) (Avaya)
Security Advisory - DHCP Regular Expressions Segfault (ISC)

Emagined Security Blog featuring Dr. Eugene Schultz

Secure Web Programming
by Vizual Services