News
Nov 12th 2004:

Alcatel Speed Touch Pro ADSL modems are proned to a design error affecting its embedded DHCP/DNS servers
Exploiting two bugs relying in the way DHCP/DNS updates are handled, an attacker may poison the DNS local zone
to launch further spoofing, man in the middle or DOS attacks.
No fix is available at this time.
Complete advisory in the vulnerability matrix.

Nov 1st 2004:

3COM's 3crwe754g72-a ADSL router/firewall is vulnerable to a script injection attack
leading to a possible root compromise on these boxes.
Thanks to Cyrille Barthelemy who has discovered this flaw playing around with DHCPing
3COM is providing a firmware update to fix it.
Please consult the vulnerability matrix for more input.

Aug 26 2004:

A new router has been found vulnerable to a script injection issue
Network Everywhere's model NR041 can be rooted from the dhcp service using
almost the same trick as for the DLINK's 614+
Thanks to Mathieu Lacroix who has discovered the flaw using DHCPing 0.91
A new macro should be made available in the next release
Please consult the vulnerability matrix for more details.

Aug 03 2004:

Version 0.91 is out bringing an update to Makefile.PL
*.pm files should install correctly now.
If you are experiencing problems at runtime, please consider installing DHCPing 0.91
Go to downloads section to get the latest tarball.

Jul 10th 2004:

DHCPing's web site is now online in Moscow.
This program is still under development, current version is 0.9
Feedbacks are really appreciated so if you like or dislike some things
please let me know.
Look at the contact section here for more information.

June 30th 2004:

All the flaws found affecting DLINK's DI-614+
are also affecting the DI-624 Revision B model
Thanks to Francois Beaupre who has kindly provided a box for testings.

May 31st 2004:

A script injection issue has been discovered in INFOBLOX's DNSONE appliances
INFOBLOX has issued a new firmware that fixes this problem.
more details available there

May 30th 2004:

Several critical flaws discovered in ISC DHCPD 3.0.1 release candidates 12 and 13
5 stack based overflows and 3 .bss overflows,
all of which allow a malicious DHCP client to DOS the service and, likely, to force the daemon to execute arbitrary code
I would like to thank Solar Designer and David W. Hankins (ISC) for their valuable help.
more details available there

April 19th 2004:

Two denial of service attacks against DLINK's 614+ SOHO appliances
One allows a malicious DHCP client to DOS the DHCP service
the other offers to DOS the system forcing the box to reboot.
more details available there

April 18th 2004:

Two critical flaws detected in DLINK's 614+ and 704 SOHO routers
It is possible to inject a malicious script into the web based administrative interface
allowing a full compromising of these boxes as soon as their administrator enter the configuration interface.
more details available there