Otklonjena je ranjivost u radu programskog paketa DHCP, koji omogućuje korištenje DHCP protokola za automatsku dodjelu IP adresa računalima u mreži. Nedostatak je uočen prilikom konfiguracije ISC DHCP poslužitelja za korištenje "failover partnerships" funkcionalnosti. Sposoban, zlonamjerni napadač može iskoristiti spomenutu ranjivost za izvođenje napada uskraćivanja usluga prilikom spajanja na priključak koji je predviđen za omogućavanje neprekinutog rada DHCP procesa (eng. failover peer). Svim se korisnicima u cilju rješavanja nastalog problema savjetuje nadogradnja na poboljšane inačice paketa.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:001
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : January 7, 2011
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in dhcp:
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover
partnerships, allows remote attackers to cause a denial of service
(communications-interrupted state and DHCP client service loss)
by connecting to a port that is only intended for a failover peer,
as demonstrated by a Nagios check_tcp process check to TCP port 520
(CVE-2010-3616).
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3616
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
352220b748d131938d7229d47d78b4be
2009.0/i586/dhcp-client-3.0.7-1.7mdv2009.0.i586.rpm
d1ac99f1b505ae8c41ec98d8a90f40eb
2009.0/i586/dhcp-common-3.0.7-1.7mdv2009.0.i586.rpm
becd002a9b173d9c36d851637343d053
2009.0/i586/dhcp-devel-3.0.7-1.7mdv2009.0.i586.rpm
6276486dcfdbb62f74d3a742661a1f96
2009.0/i586/dhcp-doc-3.0.7-1.7mdv2009.0.i586.rpm
a87cc9bc27dd4308b29a72aa44bd2cc4
2009.0/i586/dhcp-relay-3.0.7-1.7mdv2009.0.i586.rpm
47c3b8ddba055a149e9c2a2ed8ddf1d4
2009.0/i586/dhcp-server-3.0.7-1.7mdv2009.0.i586.rpm
580a737a981bb37db6c221ddaad9b659
2009.0/SRPMS/dhcp-3.0.7-1.7mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
205d20102cc4ec6187de995814d29f26
2009.0/x86_64/dhcp-client-3.0.7-1.7mdv2009.0.x86_64.rpm
1877723f76250e44bb064fd579bd9055
2009.0/x86_64/dhcp-common-3.0.7-1.7mdv2009.0.x86_64.rpm
46a819a4c15aa3d7915eece8078bf54c
2009.0/x86_64/dhcp-devel-3.0.7-1.7mdv2009.0.x86_64.rpm
5f34210fa0e66fee60ad81464fae2d49
2009.0/x86_64/dhcp-doc-3.0.7-1.7mdv2009.0.x86_64.rpm
6d69a0a7419029e8fef5ecb15d94411d
2009.0/x86_64/dhcp-relay-3.0.7-1.7mdv2009.0.x86_64.rpm
a2cc3945a870d110fdd3afc39343aedd
2009.0/x86_64/dhcp-server-3.0.7-1.7mdv2009.0.x86_64.rpm
580a737a981bb37db6c221ddaad9b659
2009.0/SRPMS/dhcp-3.0.7-1.7mdv2009.0.src.rpm
Mandriva Linux 2010.0:
7dca7b7091aeb1490d034b7406ca6568
2010.0/i586/dhcp-client-4.1.2-0.2mdv2010.0.i586.rpm
d5d51ac715eb4f2d4ef28d0e84e47557
2010.0/i586/dhcp-common-4.1.2-0.2mdv2010.0.i586.rpm
9b34710d1a5577e1734fc3f6d71641ab
2010.0/i586/dhcp-devel-4.1.2-0.2mdv2010.0.i586.rpm
dee7786b4b9848d7ebad10711d96f0de
2010.0/i586/dhcp-doc-4.1.2-0.2mdv2010.0.i586.rpm
afda5d9060e0653ce7bb41fa122fcf72
2010.0/i586/dhcp-relay-4.1.2-0.2mdv2010.0.i586.rpm
3d8d959738fe477696e9d0cb0eb6571d
2010.0/i586/dhcp-server-4.1.2-0.2mdv2010.0.i586.rpm
b38f5840e56e5cd67e6595a913eeef15
2010.0/SRPMS/dhcp-4.1.2-0.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
8c9c26bf15bdab498a2b9eaab667fce1
2010.0/x86_64/dhcp-client-4.1.2-0.2mdv2010.0.x86_64.rpm
e788ec071e8ba85e07ead2eb5f76799f
2010.0/x86_64/dhcp-common-4.1.2-0.2mdv2010.0.x86_64.rpm
77112ba1f52adee40b41701ef8252f89
2010.0/x86_64/dhcp-devel-4.1.2-0.2mdv2010.0.x86_64.rpm
7c558d5b37a9146725c806866bcd7273
2010.0/x86_64/dhcp-doc-4.1.2-0.2mdv2010.0.x86_64.rpm
a90bd7525f31ceba3d8be408af5a2ab6
2010.0/x86_64/dhcp-relay-4.1.2-0.2mdv2010.0.x86_64.rpm
07f9c64e4c5a2a0e92c8e24f0200c044
2010.0/x86_64/dhcp-server-4.1.2-0.2mdv2010.0.x86_64.rpm
b38f5840e56e5cd67e6595a913eeef15
2010.0/SRPMS/dhcp-4.1.2-0.2mdv2010.0.src.rpm
Mandriva Linux 2010.1:
6de8d296802f046fee8aff5f1741e76a
2010.1/i586/dhcp-client-4.1.2-0.2mdv2010.2.i586.rpm
7734763fd15f882479227fba3b72ff53
2010.1/i586/dhcp-common-4.1.2-0.2mdv2010.2.i586.rpm
8cbfbfd569d327a0baa157c808eeda64
2010.1/i586/dhcp-devel-4.1.2-0.2mdv2010.2.i586.rpm
757ffeeca12cb8b2cc866cc57ef12c66
2010.1/i586/dhcp-doc-4.1.2-0.2mdv2010.2.i586.rpm
f2866c7d32690b96cff9af0ce44cd7a6
2010.1/i586/dhcp-relay-4.1.2-0.2mdv2010.2.i586.rpm
81da40e910c91c5bdc03a6fd855ecf82
2010.1/i586/dhcp-server-4.1.2-0.2mdv2010.2.i586.rpm
f6a907061ba9ad980e1b2feb861c2b38
2010.1/SRPMS/dhcp-4.1.2-0.2mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
58078be9d423c568a028cbbc73753d7d
2010.1/x86_64/dhcp-client-4.1.2-0.2mdv2010.2.x86_64.rpm
415b86a4f35961d29df299172de85180
2010.1/x86_64/dhcp-common-4.1.2-0.2mdv2010.2.x86_64.rpm
a6b8c3abeb54c2bb2529f72e79db1725
2010.1/x86_64/dhcp-devel-4.1.2-0.2mdv2010.2.x86_64.rpm
0ee4a6c6d881fcbabf4f4a073a5cb3b1
2010.1/x86_64/dhcp-doc-4.1.2-0.2mdv2010.2.x86_64.rpm
e0bd77c3d94ebe40309acbfcbb4c5ce8
2010.1/x86_64/dhcp-relay-4.1.2-0.2mdv2010.2.x86_64.rpm
6bf19dbab153e587d79fdf23e4458968
2010.1/x86_64/dhcp-server-4.1.2-0.2mdv2010.2.x86_64.rpm
f6a907061ba9ad980e1b2feb861c2b38
2010.1/SRPMS/dhcp-4.1.2-0.2mdv2010.2.src.rpm
Corporate 4.0:
0759756055f4eeb33d9bc2bfe9cb6b6a
corporate/4.0/i586/dhcp-client-3.0.7-0.3.20060mlcs4.i586.rpm
6db1ad43e4c45b5169e649254fec4643
corporate/4.0/i586/dhcp-common-3.0.7-0.3.20060mlcs4.i586.rpm
24e06de7ed92c91cf6a4fb61990a4395
corporate/4.0/i586/dhcp-devel-3.0.7-0.3.20060mlcs4.i586.rpm
5438ebf7987686f977ce6fa215291f0a
corporate/4.0/i586/dhcp-relay-3.0.7-0.3.20060mlcs4.i586.rpm
f3eae776b918b21a0787aa4eca90bfb5
corporate/4.0/i586/dhcp-server-3.0.7-0.3.20060mlcs4.i586.rpm
0b78b88f121b8910389456327e4aed76
corporate/4.0/SRPMS/dhcp-3.0.7-0.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
0c81a6a1e211458111d4de569dc3751c
corporate/4.0/x86_64/dhcp-client-3.0.7-0.3.20060mlcs4.x86_64.rpm
99b8e557cbe451a5b48e765f9777fcce
corporate/4.0/x86_64/dhcp-common-3.0.7-0.3.20060mlcs4.x86_64.rpm
c784d73a8594f4490b02f4f4bf9c3878
corporate/4.0/x86_64/dhcp-devel-3.0.7-0.3.20060mlcs4.x86_64.rpm
b6e5739df340888d0f486c4bb704a6d5
corporate/4.0/x86_64/dhcp-relay-3.0.7-0.3.20060mlcs4.x86_64.rpm
44b1091f9070185def5f1b505087aea2
corporate/4.0/x86_64/dhcp-server-3.0.7-0.3.20060mlcs4.x86_64.rpm
0b78b88f121b8910389456327e4aed76
corporate/4.0/SRPMS/dhcp-3.0.7-0.3.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
212002c0d99535d8d55d2019f9e60524
mes5/i586/dhcp-client-3.0.7-1.7mdvmes5.1.i586.rpm
2e40e4182cc8f65739e83201083c59e7
mes5/i586/dhcp-common-3.0.7-1.7mdvmes5.1.i586.rpm
ec1b13bebe71aa422695e2e8ea611141
mes5/i586/dhcp-devel-3.0.7-1.7mdvmes5.1.i586.rpm
9e31acc697b7a3226e9242586217ccd6
mes5/i586/dhcp-doc-3.0.7-1.7mdvmes5.1.i586.rpm
b91892afb53586e598ad1da61be401fb
mes5/i586/dhcp-relay-3.0.7-1.7mdvmes5.1.i586.rpm
f90cea092aadd1ada7fbb6b7498f6e9f
mes5/i586/dhcp-server-3.0.7-1.7mdvmes5.1.i586.rpm
51d131c36f166d0c2db73468939d1db6 mes5/SRPMS/dhcp-3.0.7-1.7mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
1e08d43652114295fe73eae2d7039166
mes5/x86_64/dhcp-client-3.0.7-1.7mdvmes5.1.x86_64.rpm
76b1963dd3cbbcc522ad721b38401e36
mes5/x86_64/dhcp-common-3.0.7-1.7mdvmes5.1.x86_64.rpm
82c2719758d4f30a033f6f56745ad18c
mes5/x86_64/dhcp-devel-3.0.7-1.7mdvmes5.1.x86_64.rpm
070db091fef95a1f7cd57739a6bec486
mes5/x86_64/dhcp-doc-3.0.7-1.7mdvmes5.1.x86_64.rpm
688e65042922da02211e849cbc196f29
mes5/x86_64/dhcp-relay-3.0.7-1.7mdvmes5.1.x86_64.rpm
894b1f07fee958e9988ece7f0bc09fd0
mes5/x86_64/dhcp-server-3.0.7-1.7mdvmes5.1.x86_64.rpm
51d131c36f166d0c2db73468939d1db6 mes5/SRPMS/dhcp-3.0.7-1.7mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNJwvmmqjQ0CJFipgRAlf9AJ4/ChDCuyQYP08zzVaTp8qwCDrrnACffhdq
tWsFRJ4JWWnGizO4/QwSBVQ=
=pbwi
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke