ELSA-2011-0428

Опубликовано: 08 апр. 2011

Источник: oracle-oval

Платформа: Oracle Linux 5

Платформа: Oracle Linux 6

Описание

ELSA-2011-0428: dhcp security update (IMPORTANT)

[12:4.1.1-12.P1.4]

Better fix for CVE-2011-0997: making domain-name check more lenient (#690578)

[12:4.1.1-12.P1.3]

dhclient: insufficient sanitization of certain DHCP response values (CVE-2011-0997, #690578)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

dhclient

3.0.5-23.el5_6.4

dhcp

3.0.5-23.el5_6.4

dhcp-devel

3.0.5-23.el5_6.4

libdhcp4client

3.0.5-23.el5_6.4

libdhcp4client-devel

3.0.5-23.el5_6.4

Oracle Linux x86_64

dhclient

3.0.5-23.el5_6.4

dhcp

3.0.5-23.el5_6.4

dhcp-devel

3.0.5-23.el5_6.4

libdhcp4client

3.0.5-23.el5_6.4

libdhcp4client-devel

3.0.5-23.el5_6.4

Oracle Linux i386

dhclient

3.0.5-23.el5_6.4

dhcp

3.0.5-23.el5_6.4

dhcp-devel

3.0.5-23.el5_6.4

libdhcp4client

3.0.5-23.el5_6.4

libdhcp4client-devel

3.0.5-23.el5_6.4

Oracle Linux 6

Oracle Linux x86_64

dhclient

4.1.1-12.P1.el6_0.4

dhcp

4.1.1-12.P1.el6_0.4

dhcp-devel

4.1.1-12.P1.el6_0.4

Oracle Linux i686

dhclient

4.1.1-12.P1.el6_0.4

dhcp

4.1.1-12.P1.el6_0.4

dhcp-devel

4.1.1-12.P1.el6_0.4

Связанные CVE

CVE-2011-0997

Ссылки на источники

Связанные уязвимости

CVE-2011-0997

ubuntu

около 14 лет назад

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.

CVE-2011-0997

redhat

около 14 лет назад

CVE-2011-0997

nvd

около 14 лет назад

CVE-2011-0997

debian

около 14 лет назад

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV befo ...

GHSA-hhcj-97jg-v79c

github

около 3 лет назад