Date: Sun, 12 May 2002 10:06:32 +0300 (EEST) From: Jarkko Santala <jake@iki.fi> To: Brett Glass <brett@forum.lariat.org> Cc: security@FreeBSD.ORG Subject: Re: DHCPD bug Message-ID: <20020512100311.D258-100000@trillian.santala.org> In-Reply-To: <200205112302.RAA15457@forum.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 11 May 2002, Brett Glass wrote: > There's a nasty bug in ISC's DHCPD -- a remote root hole -- that affects > the versions that have been provided as ports and packages in recent > releases. See Based on the CERT Advisory, it would seem to me that one is only vulnerable if dynamic dns updates are enabled. If they're off, I would have to think dhcpd doesn't try log any replies from nameservers. None of the advisories I've read mention anything about this. I'd definitely like to know if I'm wrong. ;) http://www.cert.org/advisories/CA-2002-12.html Thanks, -jake -- Jarkko Santala <jake@iki.fi> http://www.iki.fi/~jake/ System Administrator 2001:670:83:f08::/64 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020512100311.D258-100000>