Ubuntu Security Notice (C) 2009-2013 Canonical, Inc. / NASL script (C) 2009-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
It was discovered that the DHCP client as included in dhcp3 did not
verify the length of certain option fields when processing a response
from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04
LTS connected to a malicious dhcp server, a remote attacker could
cause a denial of service or execute arbitrary code as the user
invoking the program, typically the 'dhcp' user. For users running
Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a
denial of service in the DHCP client. In Ubuntu 9.04, attackers would
also be isolated by the AppArmor dhclient3 profile.
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 39800 ()
CVE ID: CVE-2009-0692
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.