I examined this issue to eventually create a security patch but i failed
when diving deeper into the material. Shortly said, i'm not lucky with
the patch and here are my considerations.
IMHO, when a relay forwards a BOOTREQUEST it must not use the MAC
broadcast as a destination - unless the system
Hi,
i discovered a bug in the dhcrelay causing it to send a continuing packet
storm towards the configured dhcp server(s) in case of a malicious bootp
packet. I have seen this on Linux Kernel 2.2 and 2.4 with the isc dhcp
3.0rc9 relay (I havent tested rc10 but the diff shows no obvious fix).
In c