16 matches found
CVE-2026-42511
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
CVE-2026-42511
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
CVE-2026-42511
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
CVE-2026-42511 Remote code execution via malicious DHCP options
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
CVE-2026-42511 Remote code execution via malicious DHCP options
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
EUVD-2026-26350
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
FreeBSD -- Remote code execution via malicious DHCP options
Problem Description: The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the...
FreeBSD Security Advisory - FreeBSD-SA-26:15.dhclient
FreeBSD Security Advisory - As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun...
FreeBSD Security Advisory - FreeBSD-SA-26:12.dhclient
FreeBSD Security Advisory - The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field fr...
SUSE-SU-2018:0532-1 Security update for dhcp
This update for dhcp fixes several issues. This security issue was fixed: - CVE-2017-3144: OMAPI code didn't free socket descriptors when empty message is received allowing DoS bsc1076119. These non-security issues were fixed: - Optimized if and when DNS client context and ports are initted...
openSUSE Security Update : dhcp (openSUSE-2016-284)
This update for dhcp fixes the following issues : - CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally bsc961305 The following bugs were fixed : - bsc936923: Improper...
openSUSE Security Update : dhcp (openSUSE-2016-279)
This update for dhcp fixes the following issues : - CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally boo961305 The following bugs were fixed : - boo936923: Improper...
dhcp security and bug fix update
12:4.1.1-34.P1.0.1.el6 - Added oracle-errwarn-message.patch 12:4.1.1-34.P1 - Reducing the expiration time for an IPv6 lease may cause the server to crash CVE-2012-3955, 858130 12:4.1.1-33.P1 - Use getifaddrs for interface discovery code on Linux 803540 - dhclient-script: do not backup&restore...
SuSE 10 Security Update : dhcp (ZYPP Patch Number 7717)
This update of dhcp fixes two Denial of Service CVE-2011-2748 / CVE-2011-2749 vulnerabilities caused by specially crafted BOOTP packets. Additionally, the alias IP address handling of dhclient-script was fixed to not wipe out iptables connmark when renewing the lease. %NASLMINLEVEL 70300 C Tenabl...
Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)
Thu Nov 4 2010 Jiri Popelka - 12:4.1.1-27.P1 - Fix for CVE-2010-3611 649880 - Wed Oct 13 2010 Jiri Popelka - 12:4.1.1-26.P1 - Server was ignoring client's Solicit where client included address/prefix as a preference 634842 - Tue Sep 7 2010 Jiri Popelka - 12:4.1.1-25.P1 - Hardening...
MDVA-2009:045 : dhcp
dhclient-script, in dhcp-client package as released with Mandriva Linux 2009, would put the network interface down on some circumstances, as part of it's workings. Coupled with a bug in the kernel wireless stack, when done on wireless interfaces this could cause the wireless association to be los...