[Secure-testing-team] Bug#672232: isc-dhcp-client: client requests (and applies) properties, though removed from the request in the config
Christoph Anton Mitterer
calestyo at scientia.net
Wed May 9 09:51:01 UTC 2012
Package: isc-dhcp-client
Version: 4.2.2.dfsg.1-5
Severity: important
Tags: security
Hi.
It seems that the client requests (and applies) settings, even though they were removed
from /etc/dhcp/dhclient.conf.
E.g. below, I removed domain-search; nevertheless, the value from the DHCP server is written
to resolv.conf.
Given that this affects DNS, a rogue DHCP server could easily use this for attacks.
Cheers,
Chris.
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.15-heisenberg (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages isc-dhcp-client depends on:
ii debianutils 4.3
ii iproute 20120319-1
ii isc-dhcp-common 4.2.2.dfsg.1-5
ii libc6 2.13-32
isc-dhcp-client recommends no packages.
Versions of packages isc-dhcp-client suggests:
ii avahi-autoipd <none>
ii resolvconf 1.65
-- Configuration Files:
/etc/dhcp/dhclient.conf changed:
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers,
netbios-name-servers, netbios-scope, interface-mtu,
rfc3442-classless-static-routes, ntp-servers;
-- no debconf information
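
A check for the condition this report describes, as an added example that is not part of the original message or of isc-dhcp: it compares the `request` list in dhclient.conf with the options recorded in the most recent IPv4 lease in dhclient.leases and lists those that were never requested. The lease entry is constructed sample data, and the set of protocol options to ignore is an assumption.

```python
import re

# Options dhclient records for the DHCP exchange itself; assumed here to be
# outside the scope of the "request" list and therefore ignored.
PROTOCOL_OPTIONS = {"dhcp-lease-time", "dhcp-message-type", "dhcp-server-identifier",
                    "dhcp-renewal-time", "dhcp-rebinding-time"}

# The statements from the report's /etc/dhcp/dhclient.conf.
SAMPLE_CONF = """
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address, time-offset, routers,
    domain-name, domain-name-servers,
    netbios-name-servers, netbios-scope, interface-mtu,
    rfc3442-classless-static-routes, ntp-servers;
"""

# Constructed lease entry in dhclient.leases syntax (not taken from the report).
SAMPLE_LEASES = """
lease {
  interface "eth0";
  fixed-address 192.0.2.10;
  option subnet-mask 255.255.255.0;
  option routers 192.0.2.1;
  option dhcp-lease-time 3600;
  option dhcp-server-identifier 192.0.2.1;
  option domain-name-servers 192.0.2.53;
  option domain-search "unexpected.example.";
  expire 3 2012/05/09 10:50:00;
}
"""

def requested_options(conf_text):
    """Option names listed in every 'request' / 'also request' statement."""
    text = re.sub(r"#[^\n]*", "", conf_text)  # drop comments; '#' in quoted strings is not special-cased
    names = set()
    for body in re.findall(r"^\s*(?:also\s+)?request\s+([^;]*);", text, re.M):
        names.update(n.strip() for n in body.split(",") if n.strip())
    return names

def lease_options(leases_text):
    """Option names recorded in the last (most recent) IPv4 lease block."""
    blocks = re.findall(r"^lease\s*\{(.*?)^\}", leases_text, re.S | re.M)
    return set(re.findall(r"^\s*option\s+([\w-]+)\s", blocks[-1], re.M)) if blocks else set()

def unrequested_in_lease(conf_text, leases_text):
    """Options the lease carries although dhclient.conf does not request them."""
    return sorted(lease_options(leases_text) - requested_options(conf_text) - PROTOCOL_OPTIONS)

if __name__ == "__main__":
    print(unrequested_in_lease(SAMPLE_CONF, SAMPLE_LEASES))
```

A non-empty result shows only that the server's value reached the lease; whether it also ended up in resolv.conf still has to be checked on the host.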