Malicious DHCP clients on the local network could cause dhcpd(8)
to corrupt its stack.
A DHCP client with a carefully chosen maximum message size that
is less than the minimum IP MTU could lead to a buffer overflow
in dhcpd(8). This could cause dhcpd(8) to crash or could
potentially result in remote code execution.
Disable dhcpd if it is enabled. Note that OpenBSD does not
ship with dhcpd(8) enabled by default.
A fix has been committed to OpenBSD-current. Patches are
available for OpenBSD 4.2, 4.1 and 4.0.