4 matches found
CVE-2025-14558
The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...
CVE-2025-14558
The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...
CVE-2025-14558
CVE-2025-14558 affects FreeBSD rtsol(8) and rtsold(8). The issue arises because the domain search list in IPv6 Router Advertisement DNSSL options is not validated; the option body is passed to resolvconf(8) unmodified, and resolvconf(8) is a shell script that does not validate input, allowing she...
FreeBSD : FreeBSD -- Remote code execution via ND6 Router Advertisements (6c9318c7-dae9-11f0-80b8-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6c9318c7-dae9-11f0-80b8-bc241121aa0a advisory. The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router...