Описание
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2011-07-25 (включая)
cpe:2.3:a:linux:dhcp6c:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.0068
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-74
Связанные уязвимости
redhat
почти 15 лет назад
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
CVSS3: 9.8
github
почти 4 года назад
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
EPSS
Процентиль: 71%
0.0068
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-74