Mandrake Linux Security Advisory : dhcpcd (MDKSA-2003:003)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP
client daemon. dhcpcd has the ability to execute an external script
named dhcpcd-<interface>.exe when an IP address is assigned to that
network interface. The script sources the file
/var/lib/dhcpcd/dhcpcd-<interface>.info which contains shell variables
and DHCP assignment information. The way quotes are handled inside
these assignments is flawed, and a malicious DHCP server can execute
arbitrary shell commands on the vulnerable DHCP client system. This
can also be exploited by an attacker able to spoof DHCP responses.

Mandrake Linux packages contain a sample /etc/dhcpc/dhcpcd.exe file
and encourages all users to upgrade immediately. Please note that when
you do upgrade, you will have to restart the network for the changes
to take proper effect by issuing 'service network restart' as root.

See also :

http://www.net-security.org/advisory.php?id=1473

Solution :

Update the affected dhcpcd package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13988 (mandrake_MDKSA-2003-003.nasl)

Bugtraq ID:

CVE ID: CVE-2002-1403
CVE-2003-0066

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now