Knowledge Search


Vulnerabilities in ISC's DHCPD (CERT/CC #317350 and #654390)

  [JSA10335] Show Article Properties

Legacy Advisory Id:
Product Affected:
All Juniper Networks routing platforms and integrated firewall/IPSec VPN appliances
Several vulnerabilities have been found in the Internet Software Consortium's (ISC) distribution of the Distributed Host Configuration Protocol daemon (dhcpd). These vulnerabilities might permit an attacker to execute arbitrary code with the privileges of dhcpd (typically run as root); however, no working exploit is known to exist. These vulnerabilities are described in more detail in CERT/CC Vulnerability Notes #317350 and #654390.
Certain Juniper Networks products (E-series routers and integrated firewall/IPsec VPN appliances) include an implementation of dhcpd. However, no Juniper Networks product includes dhcpd code from ISC. Therefore, Juniper Networks products are not susceptible to these vulnerabilities.
Juniper Networks products are not susceptible to the vulnerabilities described above. No action is required.
Related Links:
Severity Level:
Severity Assessment:
Juniper Networks products are not susceptible to this vulnerability.