Internet Security Systems, Inc. Information for VU#410676

ISC DHCP dhclient stack buffer overflow

Status

Affected

Vendor Statement

IBM Internet Security Systems has identified some ISS products that are vulnerable to CVE-2009-0692. Critical Product Updates, Security Patches, and Content Updates were made available on July 14, 2009 to fix the ISC DHCP Client vulnerability that affects multiple IBM ISS products.

For more information about the vulnerability including IBM ISS Intrusion Prevention/Intrusion Detection coverage for the issue, see the ISC DHCP Client Buffer Overflow X-Force Protection Alert.
For more information about ISS product updates and patches including a list of affected products and versions, see ISS Knowledgebase Article 5563.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5563
http://www.iss.net/threats/331.html

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.