Описание
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 3.0.3-6ubuntu7.2 |
| devel | released | 3.1.3-2ubuntu7 |
| hardy | released | 3.0.6.dfsg-1ubuntu9.2 |
| karmic | released | 3.1.2-1ubuntu7.2 |
| lucid | released | 3.1.3-2ubuntu3.1 |
| maverick | released | 3.1.3-2ubuntu6.1 |
| upstream | released | 3.1-ESV-R1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 4.1.1-P1-15ubuntu7 |
| hardy | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | released | 4.2.1-P1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV befo ...
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
EPSS
7.5 High
CVSS2