ISC Information for VU#854315

ISC DHCPD contains format string vulnerability when logging DNS-update requests

Status

Affected

Vendor Statement

      A patch is included below, and we have a patched version of 3.0 available (3.0pl1) and a new release candidate for the next bug-fix release (3.0.1RC9).  Both of these new releases are not vulnerable.

      --- common/print.c      Tue Apr  9 13:41:17 2002
      +++ common/print.c.patched      Tue Apr  9 13:41:56 2002
      @@ -1366,8 +1366,8 @@
                     *s++ = '.';
             *s++ = 0;
             if (errorp)
      -               log_error (obuf);
      +               log_error ("%s",obuf);
             else
      -               log_info (obuf);
      +               log_info ("%s",obuf);
      }
      #endif /* NSUPDATE */
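
Review bot: the changed calls in the `if (errorp)` / `else` branches fix only these two call sites, and nothing in the hunk prevents the same mistake elsewhere. Any other `log_error` or `log_info` call that passes a constructed buffer as its first argument needs the same `"%s"` treatment. Suggest auditing the remaining callers for a non-literal first argument and, where the compiler supports it, declaring the logging functions with a printf-style format attribute so that such calls are flagged at build time.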

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Upgrade to a newer version or apply the following patch.

--- common/print.c Tue Apr 9 13:41:17 2002
+++ common/print.c.patched Tue Apr 9 13:41:56 2002
@@ -1366,8 +1366,8 @@
*s++ = '.';
*s++ = 0;
if (errorp)
- log_error (obuf);
+ log_error ("%s",obuf);
else
- log_info (obuf);
+ log_info ("%s",obuf);
}
#endif /* NSUPDATE */
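
Review bot: the context lines `*s++ = '.';` and `*s++ = 0;` directly above the changed calls append to obuf through a moving pointer, and no bound on `s` is visible in this hunk. The patch does not touch that code, so it is worth confirming in the rest of the function that `s` cannot advance past the end of obuf for the longest input that reaches this logging path. Minor style point on the added lines: `"%s",obuf` is missing the space after the comma.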

If you have feedback, comments, or additional information about this vulnerability, please send us email.