7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.8%
USN-1108-1 fixed vulnerabilities in DHCP. Due to an error, the patch to fix
the vulnerability was not properly applied on Ubuntu 9.10 and higher. This
update fixes the problem.
Original advisory details:
Sebastian Krahmer discovered that the dhclient utility incorrectly filtered
crafted responses. An attacker could use this flaw with a malicious DHCP
server to execute arbitrary code, resulting in root privilege escalation.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.10 | noarch | dhcp3-client | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | dhcp3-client-udeb | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | dhcp3-common | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | dhcp3-dev | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | dhcp3-relay | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | dhcp3-server | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | dhcp3-server-ldap | < 3.1.2-1ubuntu7.3 | UNKNOWN |
Ubuntu | 10.10 | noarch | dhcp3-client | < 3.1.3-2ubuntu6.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | dhcp3-client-udeb | < 3.1.3-2ubuntu6.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | dhcp3-common | < 3.1.3-2ubuntu6.2 | UNKNOWN |