Linux Today: Linux News On Internet Time.

More on LinuxToday

Techworld: Linux Vendors Tackle Security Holes

Jun 23, 2004, 15:15 (0 Talkback[s])
(Other stories by Matthew Broersma)

"Linux vendors have begun releasing fixes for two critical security bugs in a networking component that could allow a denial-of-service attack or enable an attacker to take control of a system.

"The problem is with the Internet Systems Consortium's Dynamic Host Configuration Protocol (DHCP) 3 application, shipped with many Linux and Unix operating system distributions as a tool for transmitting configuration information across a network. Researchers discovered two flaws in the application that could allow a malicious user to crash systems running the DHCP Daemon, and possibly also to execute code with the privileges of the daemon process, which is typically root--the highest level of access..."

Complete Story

Related Story:
Mandrakelinux Advisory: dhcp(Jun 22, 2004)