LXer: DHCP server can take over client
Published at LXer:
Specially crafted DHCP servers can take control of a PC if the PC is running the DHCP client supplied by the Internet Systems Consortium (ISC) (dhclient). This is the default set-up in Ubuntu, BSD and many other Linux distributions. According to an ISC advisory, the vulnerability is based on a buffer overflow that allows attackers to inject arbitrary code into a system and execute it at root level. The buffer overflow can be triggered in the script_write_params method using excessively long server-supplied subnet masks. Read More... |
All times are GMT -5. The time now is 02:42 PM. |