ISC DHCPD Server Remote Stack Corruption Vulnerability

Publish date: July 21, 2015

Severity: HIGH

CVE Identifier: CVE-2007-5365

Advisory Date: JUL 21, 2015

DESCRIPTION

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

SOLUTION

Trend Micro Deep Security DPI Rule Number: 1001173

Trend Micro Deep Security DPI Rule Name: 1001173 - ISC DHCPD Server Remote Stack Corruption Vulnerability

AFFECTED SOFTWARE AND VERSION

debian debian_linux 3.1
debian debian_linux 4.0
openbsd openbsd 4.0
openbsd openbsd 4.1
openbsd openbsd 4.2
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
sun opensolaris snv_01
sun opensolaris snv_02
sun opensolaris snv_03
sun opensolaris snv_04
sun opensolaris snv_05
sun opensolaris snv_06
sun opensolaris snv_07
sun opensolaris snv_08
sun opensolaris snv_09
sun opensolaris snv_10
sun opensolaris snv_100
sun opensolaris snv_101
sun opensolaris snv_102
sun opensolaris snv_11
sun opensolaris snv_12
sun opensolaris snv_13
sun opensolaris snv_14
sun opensolaris snv_15
sun opensolaris snv_16
sun opensolaris snv_17
sun opensolaris snv_18
sun opensolaris snv_119
sun opensolaris snv_20
sun opensolaris snv_21
sun opensolaris snv_22
sun opensolaris snv_23
sun opensolaris snv_24
sun opensolaris snv_25
sun opensolaris snv_26
sun opensolaris snv_27
sun opensolaris snv_28
sun opensolaris snv_29
sun opensolaris snv_30
sun opensolaris snv_31
sun opensolaris snv_32
sun opensolaris snv_33
sun opensolaris snv_34
sun opensolaris snv_35
sun opensolaris snv_36
sun opensolaris snv_37
sun opensolaris snv_38
sun opensolaris snv_39
sun opensolaris snv_40
sun opensolaris snv_41
sun opensolaris snv_42
sun opensolaris snv_43
sun opensolaris snv_44
sun opensolaris snv_45
sun opensolaris snv_46
sun opensolaris snv_47
sun opensolaris snv_48
sun opensolaris snv_49
sun opensolaris snv_50
sun opensolaris snv_51
sun opensolaris snv_52
sun opensolaris snv_53
sun opensolaris snv_54
sun opensolaris snv_55
sun opensolaris snv_56
sun opensolaris snv_57
sun opensolaris snv_58
sun opensolaris snv_59
sun opensolaris snv_60
sun opensolaris snv_61
sun opensolaris snv_62
sun opensolaris snv_63
sun opensolaris snv_64
sun opensolaris snv_65
sun opensolaris snv_66
sun opensolaris snv_67
sun opensolaris snv_68
sun opensolaris snv_69
sun opensolaris snv_70
sun opensolaris snv_71
sun opensolaris snv_72
sun opensolaris snv_73
sun opensolaris snv_74
sun opensolaris snv_75
sun opensolaris snv_76
sun opensolaris snv_77
sun opensolaris snv_78
sun opensolaris snv_79
sun opensolaris snv_80
sun opensolaris snv_81
sun opensolaris snv_82
sun opensolaris snv_83
sun opensolaris snv_84
sun opensolaris snv_85
sun opensolaris snv_86
sun opensolaris snv_87
sun opensolaris snv_88
sun opensolaris snv_89
sun opensolaris snv_90
sun opensolaris snv_91
sun opensolaris snv_92
sun opensolaris snv_93
sun opensolaris snv_94
sun opensolaris snv_95
sun opensolaris snv_96
sun opensolaris snv_97
sun opensolaris snv_98
sun opensolaris snv_99
sun solaris 10.0
sun solaris 8.0
sun solaris 9.0
ubuntu ubuntu_linux 6.06
ubuntu ubuntu_linux 6.10
ubuntu ubuntu_linux 7.04
ubuntu ubuntu_linux 7.10

Featured Stories

Beware of MCP Hardcoded Credentials: A Perfect Target for Threat Actors
Poor secret management in MCP servers can lead to serious consequences, including data breaches and supply chain attacks. This article examines the reality of these unsecure configurations and offers practical recommendations that minimize the chances of exposure.
Read more
$Lessons in Resilience from the Race to Patch SharePoint Vulnerabilities$
Lessons in Resilience from the Race to Patch SharePoint Vulnerabilities
In this article, Trend Micro discusses how the fast-moving attacks using CVE-2025-53770 and CVE-2025-53771 have underscored the essential role of virtual patching and reliable intelligence in protecting organizations against evolving threats.
Read more
$Unveiling AI Agent Vulnerabilities Part V: Securing LLM Services$
Unveiling AI Agent Vulnerabilities Part V: Securing LLM Services
To conclude our series on agentic AI, this article examines emerging vulnerabilities that threaten AI agents, focusing on providing proactive security recommendations on areas such as code execution, data exfiltration, and database access.
Read more
$Unveiling AI Agent Vulnerabilities Part IV: Database Access Vulnerabilities$
Unveiling AI Agent Vulnerabilities Part IV: Database Access Vulnerabilities
How can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.
Read more

ISC DHCPD Server Remote Stack Corruption Vulnerability

DESCRIPTION

TREND MICRO PROTECTION INFORMATION

SOLUTION

AFFECTED SOFTWARE AND VERSION

Featured Stories

Trend Vision One™ - Proactive Security Starts Here.

Resources

Support

About Trend

Country Headquarters