Intrusion Prevention

Malformed.BOOTP.Buffer.Overflow

Description

This attack is executed by sending a the Solaris DHCP server a malformed BOOTP packet. The EDHCP daemon will crash when receiving BOOTP packets which contain a non-null value for the client IP address. This will result in a denial of service for legitimate users requesting an IP address.

Affected Products

Solaris DHCP server

Impact

Denial of service

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.