
21 matches found

F5 Networks
added 2023/02/21 7:51 p.m., 58 views

K13219: DHCP Client vulnerability CVE-2011-0997

Security Advisory Description: The ISC Dynamic Host Configuration Protocol (DHCP) client, dhclient, in versions 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands by way of shell metacharacters in a...

AI score 7.1
Exploits 0
ArchLinux
added 2020/12/09 12:00 a.m., 79 views

[ASA-202012-12] blueman: privilege escalation

Arch Linux Security Advisory ASA-202012-12. Severity: High; Date: 2020-12-09; CVE-ID: CVE-2020-15238; Package: blueman; Type: privilege escalation; Remote: No; Link: https://security.archlinux.org/AVG-1259. Summary: The package blueman before versio...

CVSS 7.1, AI score 1.5, EPSS 0.00451
Exploits 4, References 5
Veracode
added 2020/10/29 9:56 p.m., 20 views

Remote Code Execution (RCE)

Blueman is vulnerable to remote code execution (RCE). On systems with ISC DHCP client dhclient, attackers can pass arguments to ip link with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program. On systems with dhcpcd and without ISC DHCP client,...

CVSS 7.1, AI score 5, EPSS 0.00451
Exploits 4, References 13, Affected Software 3
Exploit DB
added 2020/10/28 12:00 a.m., 475 views

Blueman < 2.1.4 - Local Privilege Escalation

Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Date: 2020-10-27 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE...

CVSS 7.1, AI score 6.9, EPSS 0.00451
Exploits 4
0day.today
added 2020/10/28 12:00 a.m., 36 views

Blueman < 2.1.4 - Local Privilege Escalation Vulnerability

Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE: CVE-2020-15238 ...

CVSS 7.1, AI score 6.9, EPSS 0.00451
Exploits 4
OSV
added 2020/10/27 7:15 p.m., 14 views

CVE-2020-15238

Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...

CVSS 7, AI score 7.1
Exploits 0, References 10
Tenable Nessus
added 2012/09/06 12:00 a.m., 20 views

Mandrake Linux Security Advisory : dhcp (MDKSA-2000:022-1)

All versions of the ISC DHCP client program, dhclient, are vulnerable to a root attack by a corrupt DHCP server. This version fixes the vulnerability. Versions of Linux Mandrake prior to 7.0, while including the ISC DHCP server, do not include the DHCP client and are therefore not subject to this...

AI score 5.5
Exploits 0
Tenable Nessus
added 2012/08/01 12:00 a.m., 41 views

Scientific Linux Security Update : dhcp on SL3.x, SL4.x i386/x86_64

The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692) An insecure temporary file use fl...

CVSS 10, AI score 7.6, EPSS 0.28133
Exploits 9, References 3
OpenVAS
added 2011/08/09 12:00 a.m., 28 views

CentOS Update for dhclient CESA-2009:1154 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 10, AI score 7.4, EPSS 0.28133
Exploits 9, References 2
Tenable Nessus
added 2011/04/11 12:00 a.m., 79 views

FreeBSD : isc-dhcp-client -- dhclient does not strip or escape shell meta-characters (7e69f00d-632a-11e0-9f3a-001d092480a4)

ISC reports : ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server like hostname before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client. %NASLMINLEVEL 70300 C...

CVSS 7.5, AI score 6.7, EPSS 0.73501
Exploits 6, References 2
OpenVAS
added 2009/07/29 12:00 a.m., 26 views

RedHat Security Advisory RHSA-2009:1136

The remote host is missing updates announced in advisory RHSA-2009:1136. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address...

CVSS 10, AI score 0.5, EPSS 0.28133
Exploits 9, References 2
OpenVAS
added 2009/07/29 12:00 a.m., 26 views

RedHat Security Advisory RHSA-2009:1154

The remote host is missing updates announced in advisory RHSA-2009:1154. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address...

CVSS 10, AI score 8, EPSS 0.28133
Exploits 9, References 2
OpenVAS
added 2009/07/23 12:00 a.m., 26 views

ISC DHCP Client Buffer Overflow Vulnerability

ISC DHCP Client is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10, AI score 7.9, EPSS 0.28133
Exploits 9, References 5
OpenVAS
added 2009/07/23 12:00 a.m., 16 views

ISC DHCP Client Version Detection

Detects the installed version of ISC DHCP Client. The script logs in via ssh, searches for executable Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

AI score 0.1
Exploits 0
Tenable Nessus
added 2009/07/16 12:00 a.m., 34 views

FreeBSD : isc-dhcp-client -- Stack overflow vulnerability (c444c8b7-7169-11de-9ab7-000c29a67389)

US-CERT reports : The ISC DHCP dhclient application contains a stack-based buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

CVSS 10, AI score 7.7, EPSS 0.28133
Exploits 9, References 3
Tenable Nessus
added 2009/07/15 12:00 a.m., 29 views

RHEL 4 : dhcp (RHSA-2009:1136)

Updated dhcp packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 4.7 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Dynamic Host Configuration Protocol (DHCP) is a protocol that...

CVSS 10, AI score 7.3, EPSS 0.28133
Exploits 9, References 3
FreeBSD
added 2009/07/14 12:00 a.m., 39 views

isc-dhcp-client -- Stack overflow vulnerability

US-CERT reports: The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges...

CVSS 10, AI score 5.2, EPSS 0.28133
Exploits 9, References 3
Cvelist
added 2000/10/13 4:00 a.m., 16 views

CVE-2000-0585

ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters...

AI score 7.7, EPSS 0.09545
Exploits 0, References 8
Packet Storm
added 2000/06/27 12:00 a.m., 24 views

isc-dhcpd.exploit.txt

Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP client. I can confirm that as of 6:23am on June 23rd after several hours of hacking around the sources I had the following dhcpd config running on my own machine's private network for testing: shared-network LOCAL-NET option...

AI score 7.4
Exploits 0
securityvulns
added 2000/06/25 12:00 a.m., 81 views

Possible root exploit in ISC DHCP client.

Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP client. This exploit is present in all versions of the ISC DHCP client prior to 2.0pl1 and 3.0b1pl14, which I just released this evening. Anybody who is using versions of the ISC DHCP client other than these is strongly urged ...

AI score 0.6
Exploits 0