This issue affected the dhcp packages as shipped with Red Hat Enterprise Linux 3 and 4. Updated packages to correct this issue are available via Red Hat Network:
This issue did not affect the dhcp packages as shipped with Red Hat Enterprise Linux 5 due to the use of FORTIFY_SOURCE protection mechanism that changes the exploitability of the issue into a controlled application termination.
CVSS v2 metrics
NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.
|Access Vector||Adjacent Network|
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
|Red Hat Enterprise Linux 4 (dhcp)||RHSA-2009:1136||2009-07-14|
|Red Hat Enterprise Linux 3 (dhcp)||RHSA-2009:1154||2009-07-14|
|Red Hat Enterprise Linux Extended Update Support 4.7 (dhcp)||RHSA-2009:1136||2009-07-14|