Date: Wed, 30 Jul 2014 19:32:50 +0100 From: Roy Marples <roy@...ples.name> To: oss-security@...ts.openwall.com Subject: CVE Request: dhcpcd DoS attack Hi dhcpcd-4.0.0 though to dhcpcd.6.4.2 are vulnerable to a DoS attack. As reported by Tobias Stoeckmann: In function get_option, the DHO_OPTIONSOVERLOADED option checks if there are overloaded options, like bootfile or servername. It tries to make sure that it's called only once, BUT overwrites that information after receiving a DHO_END. A malicious server could set the option DHO_OPTIONSOVERLOADED yet another time in the bootfile or servername section, which will result in another jump -- maybe into the same area. This has been fixed upstream here: http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0 I would like to request a CVE for the issue. dhcpcd-6.4.3 has been released with the above fix. Thanks Roy
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.