=========================================================== Ubuntu Security Notice USN-531-1 October 22, 2007 dhcp vulnerability CVE-2007-5365 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: dhcp 2.0pl5-19.4ubuntu0.1 Ubuntu 6.10: dhcp 2.0pl5-19.4ubuntu1.1 Ubuntu 7.04: dhcp 2.0pl5-19.5ubuntu2.1 Ubuntu 7.10: dhcp 2.0pl5dfsg1-20ubuntu1.1 In general, a standard system upgrade is sufficient to affect the necessary changes. Details follow: Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options. A remote attacker could send malicious DHCP replies to the server and execute arbitrary code. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5-19.4ubuntu0.1.diff.gz Size/MD5: 108088 65d8b55c7a2cf3b6e8911056a092e0db http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5-19.4ubuntu0.1.dsc Size/MD5: 691 f1a732d5c111aba4910303069f6aa0f6 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5.orig.tar.gz Size/MD5: 294909 ab22f363a7aff924e2cc9d1019a21498 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu0.1_amd64.udeb Size/MD5: 47322 4620b7ef8ec75ef21fe8b2d4990ff84e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu0.1_amd64.deb Size/MD5: 109572 ae4230ce73a430d18bd1274fa0cd0ff2 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu0.1_amd64.deb Size/MD5: 76716 df864b6ecdac9266e91cf7e01794aaf3 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu0.1_amd64.deb Size/MD5: 115772 f66f7fe1612ca1c38072b70519d898a4 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu0.1_i386.udeb Size/MD5: 41260 90af57dae0621cb15f9389cd8225b0e2 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu0.1_i386.deb Size/MD5: 103718 08d499fafb459a9fd13c9fa64c12ae9c http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu0.1_i386.deb Size/MD5: 72888 59644d4f649ec20e46f98fa357820eb0 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu0.1_i386.deb Size/MD5: 110132 9a1a467805da579d4869c35b3fa44f91 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu0.1_powerpc.udeb Size/MD5: 43664 5d85efedbd7699d89c84658dfd620205 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu0.1_powerpc.deb Size/MD5: 106156 efc2601a3c3219e86acfad264c298448 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu0.1_powerpc.deb Size/MD5: 74832 cb32ac6094b116eaa64420bc12a1a9e5 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu0.1_powerpc.deb Size/MD5: 112400 2899bdf5de8a5f8db8ac5b107b04cd13 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu0.1_sparc.udeb Size/MD5: 43838 1264a0021beb922b279fd148ebd18f91 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu0.1_sparc.deb Size/MD5: 106504 9bc58bcfbbdc6269fd8b8546d8a1078e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu0.1_sparc.deb Size/MD5: 74992 1f0c12c080c5334c2d17707b84f59a32 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu0.1_sparc.deb Size/MD5: 112920 0747d3bfa39eca0ce990cd1c91bded05 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5-19.4ubuntu1.1.diff.gz Size/MD5: 108319 99d45b58f0d45b24cbf582a6dc09febe http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5-19.4ubuntu1.1.dsc Size/MD5: 691 246da5abd23374fc92915a1da5f409a6 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5.orig.tar.gz Size/MD5: 294909 ab22f363a7aff924e2cc9d1019a21498 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu1.1_amd64.udeb Size/MD5: 48110 f5ade03dc424279fb4562f32f3770bd9 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu1.1_amd64.deb Size/MD5: 110456 3c3c7354346154da564b6997a2c03481 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu1.1_amd64.deb Size/MD5: 77384 12b64ebbb718a29b24ac93e729fdc792 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu1.1_amd64.deb Size/MD5: 116878 be3c4c917864af7c3f7911240eb87858 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu1.1_i386.udeb Size/MD5: 42380 6b0867d73ac495955f4ab71332a75ab3 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu1.1_i386.deb Size/MD5: 104826 aec56d75db1269a016d00b0f03fcb7e2 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu1.1_i386.deb Size/MD5: 73808 38c69b79a7b527c0508dd1644a37ebeb http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu1.1_i386.deb Size/MD5: 111484 c74d1d467cc64f3d3af662a6ab868c70 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu1.1_powerpc.udeb Size/MD5: 44128 9780c236832ff454c75de577b7889627 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu1.1_powerpc.deb Size/MD5: 106778 e15e31a3d91867a33889e29d4d24bb33 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu1.1_powerpc.deb Size/MD5: 75418 b22ec8d4dbd261a9b3793c7df2291d37 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu1.1_powerpc.deb Size/MD5: 112946 a3aafd9d5d8280eef709e3a241bf6fdf sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.4ubuntu1.1_sparc.udeb Size/MD5: 45206 9fb7dbfd703b3f7494edeb42f1f2c4e7 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.4ubuntu1.1_sparc.deb Size/MD5: 107852 53bc29628c3dd183074ac11d57ae5cd8 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.4ubuntu1.1_sparc.deb Size/MD5: 76094 57826859eeaa329872b6bcbd0a0da773 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.4ubuntu1.1_sparc.deb Size/MD5: 114364 1f4df17a6567c53f82a712dc4838fca5 Updated packages for Ubuntu 7.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5-19.5ubuntu2.1.diff.gz Size/MD5: 108856 9068ed213609edcf85c4980c0ba00531 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5-19.5ubuntu2.1.dsc Size/MD5: 775 cd23dc91e2207d693e951b08f7bff7f9 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp_2.0pl5.orig.tar.gz Size/MD5: 294909 ab22f363a7aff924e2cc9d1019a21498 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5ubuntu2.1_amd64.udeb Size/MD5: 48146 df821088116aa248287f2f05d2c619ac http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.5ubuntu2.1_amd64.deb Size/MD5: 110738 22b189ebe9fde53c3b3760eb8ee6bcce http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.5ubuntu2.1_amd64.deb Size/MD5: 77716 f3e609dea0e73a45777233e876a38599 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.5ubuntu2.1_amd64.deb Size/MD5: 117196 1c8ad1e8a8720204a3f72aa4c3934222 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5ubuntu2.1_i386.udeb Size/MD5: 42394 ebcd2e9142aff0ce87fc4fbee5716349 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.5ubuntu2.1_i386.deb Size/MD5: 105082 857bbb07db120408f3c0342e8dd3f927 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.5ubuntu2.1_i386.deb Size/MD5: 74170 8cd56d6b7a12fefa8c52681f590076c4 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.5ubuntu2.1_i386.deb Size/MD5: 111790 a267078b9ef14d4b1053741e8b4f5e7b powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5ubuntu2.1_powerpc.udeb Size/MD5: 45206 8509b4de59aae12d1768ab6a3ad6e0d6 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.5ubuntu2.1_powerpc.deb Size/MD5: 108088 6306df51227c6b1d5e31945e1b59c1be http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.5ubuntu2.1_powerpc.deb Size/MD5: 76470 0a7e0f7552b855011ea4e6557b1bc0f8 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.5ubuntu2.1_powerpc.deb Size/MD5: 114224 146f3f882427b59efcb9257c006d23ff sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5ubuntu2.1_sparc.udeb Size/MD5: 45744 4313e2f1206796d1b4568cfc64a50400 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5-19.5ubuntu2.1_sparc.deb Size/MD5: 108526 80ec87d90d5c634b8a1a9dce2208e913 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5-19.5ubuntu2.1_sparc.deb Size/MD5: 76744 87a931b1cc4b626473e84aeef2332ddb http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5-19.5ubuntu2.1_sparc.deb Size/MD5: 115214 ee4b41ef734b1082d5914f26f6e3deb5 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1-20ubuntu1.1.diff.gz Size/MD5: 58237 62a723a12956ea2a0cbebd2ddb88c017 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1-20ubuntu1.1.dsc Size/MD5: 734 654d981c06763f9ba838e06a913f0b73 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1.orig.tar.gz Size/MD5: 244890 0e1a88fe2e55c310f1a2f9150f4aeeee amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client-udeb_2.0pl5dfsg1-20ubuntu1.1_amd64.udeb Size/MD5: 48454 bb14a8a6e227be7a5071620ee6bfd808 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5dfsg1-20ubuntu1.1_amd64.deb Size/MD5: 110786 c1c65b22cd31c395810f38b5d105e6ee http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5dfsg1-20ubuntu1.1_amd64.deb Size/MD5: 77662 45a3380cb769ab8c0dc709b433373242 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1-20ubuntu1.1_amd64.deb Size/MD5: 117090 04e87824199b7bdc07fc3e14682a881f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client-udeb_2.0pl5dfsg1-20ubuntu1.1_i386.udeb Size/MD5: 42372 445ff45237987d32994ce823aca24919 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5dfsg1-20ubuntu1.1_i386.deb Size/MD5: 104780 a683c066ffc766001a74840698efe609 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5dfsg1-20ubuntu1.1_i386.deb Size/MD5: 73854 e49efeef6aa0f9d6119d85e71e0f4564 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1-20ubuntu1.1_i386.deb Size/MD5: 111526 3f42b5e1f8efad5ba607426257729785 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client-udeb_2.0pl5dfsg1-20ubuntu1.1_powerpc.udeb Size/MD5: 45202 0992269f31407f1347df3f8962ed5fa3 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5dfsg1-20ubuntu1.1_powerpc.deb Size/MD5: 107698 7e12ba208451b52ce4295f44be13b68b http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5dfsg1-20ubuntu1.1_powerpc.deb Size/MD5: 76184 a2ac17aaf17dcafbb1f8c0f618cc8f74 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1-20ubuntu1.1_powerpc.deb Size/MD5: 113912 9d89c17a348b4ae9306544a70cb4c5d9 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client-udeb_2.0pl5dfsg1-20ubuntu1.1_sparc.udeb Size/MD5: 45794 39055cdaf1150aef796077d011f44d72 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-client_2.0pl5dfsg1-20ubuntu1.1_sparc.deb Size/MD5: 108290 cddf5fe42de3e5cbb42da5d49a666f29 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp-relay_2.0pl5dfsg1-20ubuntu1.1_sparc.deb Size/MD5: 76488 be38b6f1fe7d388765046abfb91ed156 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp/dhcp_2.0pl5dfsg1-20ubuntu1.1_sparc.deb Size/MD5: 114870 11945b4e1a37e04fff0d2a496ebb9216
Attachment:
signature.asc
Description: Digital signature