DHCP: ISC DHCP dhclient pretty_print_option Stack Buffer Overflow

This signature detects attempts to exploit a stack-based buffer overflow vulnerability that has been reported in ISC DHCP dhclient. A remote attacker on the local network can exploit this vulnerability by sending a malicious response to a vulnerable client. Successful exploitation could result in the execution of arbitrary code in the context of the dhclient process.

Extended Description

Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 through 4.1-ESV-R15, 4.2.0 through 4.2.8, 4.3.0 through 4.3.6, and 4.4.0.

Affected Products

ISC DHCP

References

CVE: CVE-2018-5732

Short Name
DHCP:ISC-PRETTY-PRINT-BO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
DHCP
Keywords
Buffer CVE-2018-5732 DHCP ISC Overflow Stack dhclient pretty_print_option
Release Date
04/05/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
Port
UDP/546
False Positive
Unknown
Vendors

ISC

CVSS Score

5.0
