7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.7%
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.
It was discovered that the DHCP client daemon, dhclient, did not
sufficiently sanitize certain options provided in DHCP server replies, such
as the client hostname. A malicious DHCP server could send such an option
with a specially-crafted value to a DHCP client. If this option’s value was
saved on the client system, and then later insecurely evaluated by a
process that assumes the option is trusted, it could lead to arbitrary code
execution with the privileges of that process. (CVE-2011-0997)
Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for
reporting this issue.
All dhclient users should upgrade to these updated packages, which contain
a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | x86_64 | dhcp-devel | < 3.0.1-67.el4 | dhcp-devel-3.0.1-67.el4.x86_64.rpm |
RedHat | 5 | i386 | dhclient | < 3.0.5-23.el5_6.4 | dhclient-3.0.5-23.el5_6.4.i386.rpm |
RedHat | 6 | ppc64 | dhclient | < 4.1.1-12.P1.el6_0.4 | dhclient-4.1.1-12.P1.el6_0.4.ppc64.rpm |
RedHat | 6 | x86_64 | dhcp-debuginfo | < 4.1.1-12.P1.el6_0.4 | dhcp-debuginfo-4.1.1-12.P1.el6_0.4.x86_64.rpm |
RedHat | 5 | s390x | dhcp | < 3.0.5-23.el5_6.4 | dhcp-3.0.5-23.el5_6.4.s390x.rpm |
RedHat | 6 | s390 | dhcp-devel | < 4.1.1-12.P1.el6_0.4 | dhcp-devel-4.1.1-12.P1.el6_0.4.s390.rpm |
RedHat | 4 | i386 | dhclient | < 3.0.1-67.el4 | dhclient-3.0.1-67.el4.i386.rpm |
RedHat | 6 | s390 | dhcp-debuginfo | < 4.1.1-12.P1.el6_0.4 | dhcp-debuginfo-4.1.1-12.P1.el6_0.4.s390.rpm |
RedHat | 5 | ppc | libdhcp4client-devel | < 3.0.5-23.el5_6.4 | libdhcp4client-devel-3.0.5-23.el5_6.4.ppc.rpm |
RedHat | 4 | x86_64 | dhcp | < 3.0.1-67.el4 | dhcp-3.0.1-67.el4.x86_64.rpm |