The Internet Systems Consortium (ISC) has released an advisory to address a vulnerability in its dhclient application. This vulnerability may allow a remote attacker to execute arbitrary code on the client machine.

US-CERT encourages administrators of this product to review the ISC advisory. Users of ISC DHCP from the original source distribution should upgrade to ISC DHCP version 3.1-ESV-R1, 4.1-ESV-R2, or 4.2.1-P1. Users who obtain ISC DHCP from a third-party vendor, such as their operating system vendor, should check with their software vendor for updated versions.

Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#107886.

Read more: US-CERT Current Activity