CVE-2025-14558

The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...

CVE-2025-14558

The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...

CVE-2025-14558 Remote code execution via ND6 Router Advertisements

The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...

CVE-2025-14558

CVE-2025-14558 affects FreeBSD rtsol(8) and rtsold(8). The issue arises because the domain search list in IPv6 Router Advertisement DNSSL options is not validated; the option body is passed to resolvconf(8) unmodified, and resolvconf(8) is a shell script that does not validate input, allowing she...

FreeBSD rtsold/rtsol DNSSL Command Injection

This module exploits a command injection vulnerability CVE-2025-14558 in FreeBSD's rtsol8 and rtsold8 programs. These programs do not validate the domain search list options provided in IPv6 Router Advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell...

📄 FreeBSD 15.x rtsold DNSSL Command Injection

This Metasploit module targets a command injection vulnerability in the FreeBSD rtsold daemon related to the handling of DNSSL DNS Search List options in IPv6 Router Advertisements. Due to improper validation of domain names, attacker-controlled DNSSL values can inject shell commands via $...

📄 FreeBSD rtsold 15.x Remote Code Execution

rtsold8 on FreeBSD processes IPv6 Router Advertisement DNSSL options without validating domain names for shell metacharacters. The decoded domains are passed to resolvconf8, a shell script that uses unquoted variable expansion, enabling command injection via substitution. Exploit Title: FreeBSD...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from a DNSSL domain name that rtsold8 does not validate shell metacharacters before passing them to resolvconf8, which could lead to remote code execution from a...

FreeBSD : FreeBSD -- Remote code execution via ND6 Router Advertisements (6c9318c7-dae9-11f0-80b8-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6c9318c7-dae9-11f0-80b8-bc241121aa0a advisory. The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router...

PT-2024-5866 · Nlnet +5 · Unbound +5

Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified Description: A NULL pointer dereference flaw was found in the ub ctx set fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentatio...

OpenResolve 跨站脚本漏洞

OpenResolve is an OpenDNS open source implementation of resolconf. A cross-site scripting vulnerability exists in OpenResolve. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

systemd security, bug fix, and enhancement update

239-40.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...

Security fix for the ALT Linux 10 package dnsmasq version 2.65-alt1

March 6, 2013 Mikhail Efremov 2.65-alt1 - Patch from Fedora: + Fix for CVE-2013-0198 checking of TCP connection interfaces - Improved resolvconf support. - Added dnsmasq.service. - Added dnsmasq-helper script. - Drop 'build without resolvconf' support. - Updated to 2.65...

Mandriva Update for openvpn MDVA-2010:025 (openvpn)

Check for the Version of openvpn OpenVAS Vulnerability Test Mandriva Update for openvpn MDVA-2010:025 openvpn Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

MDVA-2009:015 : openct

This update fixes issue with a non-LSB initscript of openct, which could cause init to switch to non LSB compat mode, and result in a loop between resolvconf and network bug 47299. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security...

Mandriva Update for initscripts MDVA-2008:069 (initscripts)

Check for the Version of initscripts OpenVAS Vulnerability Test Mandriva Update for initscripts MDVA-2008:069 initscripts Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...