Current Activity - ISC dhclient Vulnerability

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

ISC dhclient Vulnerability

Original release date: April 8, 2011 at 8:08 am
Last revised: April 8, 2011 at 8:08 am


The Internet Systems Consortium (ISC) has released an advisory to
address a vulnerability in its dhclient application. This
vulnerability may allow a remote attacker to execute arbitrary code on
the client machine.

US-CERT encourages administrators of this product to review the ISC
advisory. Users of ISC DHCP from the original source distribution
should upgrade to ISC DHCP version 3.1-ESV-R1, 4.1-ESV-R2, or
4.2.1-P1. Users who obtain ISC DHCP from a third-party vendor, such as
their operating system vendor, should check with their software vendor
for updated versions.

Additional information regarding this vulnerability can be found in
US-CERT Vulnerability Note VU#107886.

Relevant Url(s):
<https://www.isc.org/software/dhcp/advisories/cve-2011-0997>

<http://www.kb.cert.org/vuls/id/107886>

====
This entry is available at
http://www.us-cert.gov/current/index.html#isc_dhclient_vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTZ8Pej6pPKYJORa3AQK45gf+Psob8AMX00fYfeLCAu7iLKhadocBbE7T
Iv7vmIyjVF8N+TZFfcD5TfSPR+jLFFKtZiYfjg6ABcpzbDfhl7kBJUDtG9/s2DY8
BFHTr+HGTbTzPkgQQ9eGD1KsJa+v9YTIsc5sWmq6ufb2vCemnGJxX3CUFGPe8Gw0
I+uJXDlC+xSibirF8oZj6+9XsAQ0Khh0jIyBAngkObzPLvOi5s2q6uUdndxO1N+B
x7+Y4WhYQrjujDiDZKtoFaXEkSzHQU1OJRox1vQSAvJF1EXsyE5OkzCkxVW2K6yP
AbscaOMev/omaeHQlK1CFv8xQGNztnvgwKVinxwog7ovTw2yZLPiAg==
=VHq1
-----END PGP SIGNATURE-----