A flaw was found in ISC's dhcpd [1] where, if a server receives a TCP connection on a port that has been configured for communication with a failover peer, it would be come unresponsive to all normal DHCP protocol traffic. This will result in the server no longer providing DHCP services to clients until it is restarted. This flaw only affects DHCP version 4.2 and is corrected in DHCP 4.2.0-P2 [2]. Previous versions of DHCP are not vulnerable. Only current Fedora 14 and Rawhide ship dhcp-4.2.0 and are vulnerable to this issue. [1] http://www.pubbs.net/201012/dhcp/9981-nagios-checktcp-kills-failover-then-dhcp-failure.html [2] https://www.isc.org/software/dhcp/advisories/cve-2010-3616 Statement: Not vulnerable. This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 3, 4, 5, or 6.
Created dhcp tracking bugs for this issue Affects: fedora-14 [bug 662326]