CastleCops, Internet Crime Fighters
Advisories!: CERT Warns of DHCP Vulns
Linux
Several potentially dangerous security flaws exist in the Internet Software Consortium's (ISC) DHCP (Dynamic Host Configuration Protocol) software, which is shipped as part of several operating systems, the CERT Coordination Center (CERT/CC) warned Thursday.

In an internal audit, ISC discovered multiple buffer overflow flaws in versions 3.0 through 3.0.1RC10 of its DHCP product, according to a CERT advisory.

The flaws lie in a feature of ISC's DHCP product that allows the DHCP server to automatically update a DNS (Domain Name System) server. An attacker could take over an affected system by sending a DHCP message containing a large hostname, according to CERT.

The ISC DHCP software ships as part of products from Red Hat and SuSE Linux; the vulnerability status of many other vendors is still unknown, CERT said. Red Hat already has a patch available; SuSE is working on a software update, according to CERT.

--

Full article and source: Overseas Security Advisory Council
________________________________

Solution

Upgrade or apply a patch


The ISC has addressed these vulnerabilities in versions 3.0pl2 and 3.0.1RC11 of ISC DHCPD. If your software vendor supplies ISC DHCPD as part of an operating system distribution, please see Appendix A for vendor-specific patch information.

For a detailed list of vendors that have been notified of this issue by the CERT/CC, please see
http://www.kb.cert.org/vuls/id/284857#systems
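
For triaging an inventory against the version ranges quoted above (affected: 3.0 through 3.0.1RC10; fixed: 3.0pl2 and 3.0.1RC11), the following is an added example, not code from CERT/CC or the ISC. The function names and the sample host list are constructed for illustration, and treating patch levels or release candidates later than the named fixed ones as fixed is an assumption.

```python
import re

# Matches ISC DHCP release strings such as "3.0", "3.0pl1", "3.0.1RC10",
# either bare or embedded in a server banner or a package name.
VERSION_RE = re.compile(
    r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+))?(?:(pl|rc|b)(\d+))?(?![\w.])",
    re.IGNORECASE,
)


def classify(text):
    """Return 'affected', 'fixed' or 'not-listed' for a version or banner string."""
    m = VERSION_RE.search(text)
    if not m:
        return "not-listed"
    major, minor = int(m.group(1)), int(m.group(2))
    patch = int(m.group(3) or 0)
    tag = (m.group(4) or "").lower()
    level = int(m.group(5) or 0)

    if (major, minor) != (3, 0):
        return "not-listed"          # outside the range the advisory names
    if patch == 0:                   # the 3.0 branch: 3.0, 3.0pl1, 3.0pl2
        if tag == "":
            return "affected"
        if tag == "pl":
            # Assumption: patch levels after pl2 also carry the fix.
            return "fixed" if level >= 2 else "affected"
        return "not-listed"          # 3.0 betas and RCs are not named
    if patch == 1 and tag == "rc":   # the 3.0.1 release candidates
        # Assumption: release candidates after RC11 also carry the fix.
        return "fixed" if level >= 11 else "affected"
    return "not-listed"


def triage(inventory):
    """Map host -> status and return the hosts that still need the upgrade."""
    return sorted(h for h, v in inventory.items() if classify(v) == "affected")


# Constructed sample inventory: host name -> reported version or banner.
SAMPLE = {
    "dhcp-a": "Internet Software Consortium DHCP Server V3.0.1rc9",
    "dhcp-b": "dhcp-3.0pl1-9",
    "dhcp-c": "3.0pl2",
    "dhcp-d": "3.0.1RC11",
    "dhcp-e": "2.0pl5",
}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A "not-listed" result means only that the page does not name that release; the vendor-specific information referenced above decides it.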

Disable dynamic DNS updates (NSUPDATE)


As an interim measure, the ISC recommends disabling the NSUPDATE feature on affected DHCP servers.

Block external access to DHCP server ports


As an interim measure, it is possible to limit exposure to these vulnerabilities by restricting external access to affected DHCP servers on the following ports:
bootps      67/tcp      # Bootstrap Protocol Server
bootps      67/udp      # Bootstrap Protocol Server
bootpc      68/tcp      # Bootstrap Protocol Client
bootpc      68/udp      # Bootstrap Protocol Client

Disable the DHCP service


As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required. Depending on your network configuration, you may not need to use DHCP.


Full article and source: CERT
Posted on Monday, 20 January 2003 @ 07:00:00 UTC by cj (1429 reads)