First published: Tue Mar 22 2011
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ISC DHCP | =3.0.4-b2 | |
ISC DHCP | =3.1.0-b1 | |
ISC DHCP | =3.1.0-a3 | |
ISC DHCP | =3.0.6-rc1 | |
ISC DHCP | =3.1.2-rc1 | |
ISC DHCP | =3.1.0-rc1 | |
ISC DHCP | =3.0.4-b1 | |
ISC DHCP | =3.1.0-a1 | |
ISC DHCP | =3.0.1-rc12 | |
ISC DHCP | =3.0 | |
ISC DHCP | =3.0.2-b1 | |
ISC DHCP | =3.0.3-b1 | |
ISC DHCP | =3.0.1-rc1 | |
ISC DHCP | =3.0.4-b3 | |
ISC DHCP | =3.0.2-rc1 | |
ISC DHCP | =3.0.1-rc7 | |
ISC DHCP | =3.1-esv | |
ISC DHCP | =3.0.2-rc3 | |
ISC DHCP | =3.0.1-rc2 | |
ISC DHCP | =3.1.3-b1 | |
ISC DHCP | =3.0.1-rc14 | |
ISC DHCP | =3.0.1-rc6 | |
ISC DHCP | =3.0.2-rc2 | |
ISC DHCP | =3.0.1-rc13 | |
ISC DHCP | =3.0.1-rc9 | |
ISC DHCP | =3.0.3-b3 | |
ISC DHCP | =3.1.1-rc1 | |
ISC DHCP | =3.1.0-a2 | |
ISC DHCP | =3.0.1-rc8 | |
ISC DHCP | =3.0.3-b2 | |
ISC DHCP | =3.1.2-b1 | |
ISC DHCP | =3.1.3-rc1 | |
ISC DHCP | =3.0.1-rc10 | |
ISC DHCP | =3.0.5-rc1 | |
ISC DHCP | =3.0.1-rc11 | |
ISC DHCP | =3.1.1-rc2 | |
ISC DHCP | =3.0.4-rc1 | |
ISC DHCP | =3.1.0-b2 | |
ISC DHCP | =3.0.1-rc5 | |
ISC DHCP | =3.0.1 | |
ISC DHCP | =3.0.2 | |
ISC DHCP | =3.0.4 | |
ISC DHCP | =3.0.5 | |
ISC DHCP | =3.1.0 | |
ISC DHCP | =3.1.2 | |
ISC DHCP | =3.1.3 | |
ISC DHCP | =3.0.3 | |
ISC DHCP | =4.2.0-b2 | |
ISC DHCP | =4.2.0-a2 | |
ISC DHCP | =4.2.0-b1 | |
ISC DHCP | =4.2.1-rc1 | |
ISC DHCP | =4.2.0-a1 | |
ISC DHCP | =4.1-esv-rc1 | |
ISC DHCP | =4.2.1-b1 | |
ISC DHCP | =4.2.0-rc1 | |
ISC DHCP | =4.2.0-p1 | |
ISC DHCP | =4.1-esv | |
ISC DHCP | =4.2.0 | |
ISC DHCP | =4.2.1 | |
Debian Debian Linux | =5.0 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =6.0 | |
Canonical Ubuntu Linux | =10.10 | |
Canonical Ubuntu Linux | =6.06 | |
Canonical Ubuntu Linux | =8.04 | |
Canonical Ubuntu Linux | =10.04 | |
Canonical Ubuntu Linux | =9.10 | |