Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-0692

CWE-119 — Buffer Overflow CWE-130 CWE-121 — Stack-based Buffer Overflow10 documents8 sources

Severity

10.0CRITICAL

EPSS

28.1%

top 3.51%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

ISC Dhcp

Timeline

PublishedJul 14

Latest updateMay 2

Description

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDisc/dhcp5 versions+4

Patches

Patch: www.isc.org ↗Patch: www.isc.org ↗

🔴Vulnerability Details

GHSA

GHSA-cjw8-pp44-m8v2: Stack-based buffer overflow in the script_write_params method in client/dhclient↗2022-05-02

▶

CVEList

CVE-2009-0692: Stack-based buffer overflow in the script_write_params method in client/dhclient↗2009-07-14

▶

💥Exploits & PoCs

Exploit-DB

ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow (PoC)↗2009-07-27

▶

📋Vendor Advisories

Ubuntu

Dhcp vulnerability↗2010-01-27

▶

Red Hat

dhclient: stack overflow leads to arbitrary code execution as root↗2009-07-14

▶

Ubuntu

dhcp vulnerability↗2009-07-14

▶

🕵️Threat Intelligence

Talos

Rule release for today - July 16th 2009↗2009-07-16

▶

Talos

Rule release for today - July 16th 2009↗2009-07-16

▶

💬Community

Bugzilla

CVE-2009-0692 dhclient: stack overflow leads to arbitrary code execution as root↗2009-06-23

▶