Pardus alert 2010-87 (dhcp)

From:
    	     
 
Eren Turkay <eren@pardus.org.tr> 
To:
    	     
 
pardus-security@pardus.org.tr 
Subject:
    	     
 
[Pardus-security] [PLSA 2010-87] dhcp: Denial of Service 
Date:
    	     
 
Thu, 24 Jun 2010 15:02:36 +0300 (EEST)
Message-ID:
    	     
 
<20100624120236.0ECA9A7ABC4@lider.pardus.org.tr>
Archive-link:
    	     
 
Article, Thread
              
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-87            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-06-24
  Severity: 4
      Type: Remote
------------------------------------------------------------------------

Summary
=======

A vulnerability has been fixed in dhcp which can be used  by  malicious 
people to cause denial of service 


Description
===========

CVE-2010-2156: 

ISC DHCP 4.1 before 4.1.1-P1 and  4.0  before  4.0.2-P1  allows  remote 
attackers to cause a denial of service (server exit) via a  zero-length 
client ID. 


Affected packages:

  Pardus 2009:
    dhcp, all before 4.1.0_p1-20-5


Resolution
==========

There are update(s) for dhcp. You can update them via Package Manager or
with a single command from console: 

    pisi up dhcp

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=13516

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security