Pardus alert 2011-113 (dhcp)

From:
    	     
 
Meltem Parmaksız <meltem@pardus.org.tr> 
To:
    	     
 
pardus-security@pardus.org.tr 
Subject:
    	     
 
[Pardus-security]  [PLSA 2011-113] dhcp: Multiple vulnerabilities 
Date:
    	     
 
Mon, 5 Sep 2011 14:57:03 +0300
Message-ID:
    	     
 
<201109051457.03959.meltem@pardus.org.tr>
Archive-link:
    	     
 
Article, Thread
              
------------------------------------------------------------------------
Pardus Linux Security Advisory 2011-113           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2011-09-05
      Type: Remote
------------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities have been fixed in dhcp. 


Description
===========

CVE-2011-2748: 

The server in ISC  DHCP  3.x  and  4.x  before  4.2.2,  3.1-ESV  before 
3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows  remote  attackers  to 
cause a denial of service (daemon exit) via a crafted DHCP packet. 



CVE-2011-2749: 

The server in ISC  DHCP  3.x  and  4.x  before  4.2.2,  3.1-ESV  before 
3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows  remote  attackers  to 
cause a denial of service (daemon exit) via a crafted BOOTP packet. 


Affected packages:

  Pardus 2009:
    dhcp, all before 4.2.1_p1-27-10
  Pardus 2011:
    dhcp, all before 4.2.1_p1-31-p11


Resolution
==========

There are update(s) for dhcp. You can update them via Package Manager or
with a single command from console: 

  Pardus 2009:
    pisi up dhcp

  Pardus 2011:
    pisi up dhcp


References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=19010

------------------------------------------------------------------------
_______________________________________________
Pardus-Security mailing list
Pardus-Security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security