Lucene search
Ubuntu.comUB:CVE-2011-0997HistoryApr 08, 2011 - 12:00 a.m.
CVE-2011-0997
2011-04-0800:00:00
ubuntu.com
ubuntu.com
16
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.8%
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before
3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to
execute arbitrary commands via shell metacharacters in a hostname obtained
from a DHCP message, as demonstrated by a hostname that is provided to
dhclient-script.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0997>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621099>
Notes
| Author | Note |
|---|---|
| mdeslaur | a couple of fixes post isc release are included in redhat’s bug patches are from Marius Tomaschewski |
Related
openvas
openvas
RedHat Update for dhcp RHSA-2011:0428-01
2011-04-11 00:00:00
Oracle Linux Local Check: ELSA-2011-0428
2015-10-06 00:00:00
Debian Security Advisory DSA 2216-1 (isc-dhcp)
2011-05-12 00:00:00
nessus
nessus
Fedora 15 : dhcp-4.2.1-4.P1.fc15 (2011-4934)
2011-04-18 00:00:00
Apple Time Capsule and AirPort Base Station (802.11n) Firmware < 7.6 (APPLE-SA-2011-11-10-2)
2011-11-16 00:00:00
Fedora 14 : dhcp-4.2.0-21.P2.fc14 (2011-4897)
2011-04-13 00:00:00
canvas
canvas
Immunity Canvas: CVE_2011_0997
2011-04-08 15:17:00
securityvulns
securityvulns
cisa
cisa
ISC dhclient Vulnerability
2011-04-08 00:00:00
f5
f5
SOL13219 - DHCP Client vulnerability CVE-2011-0997
2011-11-23 00:00:00
K13219 : DHCP Client vulnerability CVE-2011-0997
2013-09-05 00:00:00
ubuntu
ubuntu
DHCP vulnerability
2011-04-19 00:00:00
DHCP vulnerability
2011-04-11 00:00:00
oraclelinux
oraclelinux
dhcp security update
2011-04-08 00:00:00
cve
cve
CVE-2011-0997
2011-04-08 15:17:00
exploitdb
exploitdb
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities
2015-07-16 00:00:00
debian
debian
[SECURITY] [DSA 2217-1] dhcp3 security update
2011-04-10 21:58:40
[SECURITY] [DSA 2216-1] isc-dhcp security update
2011-04-10 21:55:28
fedora
fedora
[SECURITY] Fedora 15 Update: dhcp-4.2.1-4.P1.fc15
2011-04-15 21:50:51
[SECURITY] Fedora 13 Update: dhcp-4.1.2-4.ESV.R2.fc13
2011-04-18 21:21:43
[SECURITY] Fedora 14 Update: dhcp-4.2.0-21.P2.fc14
2011-04-12 21:33:04
prion
prion
Code injection
2011-04-08 15:17:00
packetstorm
packetstorm
15 TOTOLINK Routers Remote Command Execution
2015-07-16 00:00:00
ipTIME DHCP Remote Command Execution
2015-07-06 00:00:00
redhat
redhat
(RHSA-2011:0428) Important: dhcp security update
2011-04-08 00:00:00
(RHSA-2011:0840) Important: dhcp security update
2011-05-31 00:00:00
cert
cert
ISC dhclient vulnerability
2011-04-05 00:00:00
freebsd
freebsd
isc-dhcp-client -- dhclient does not strip or escape shell meta-characters
2011-04-05 00:00:00
exploitpack
exploitpack
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities
2015-07-16 00:00:00
checkpoint_advisories
checkpoint_advisories
centos
centos
dhclient, dhcp, libdhcp4client security update
2011-04-08 21:18:26
debiancve
debiancve
CVE-2011-0997
2011-04-08 15:17:00
slackware
slackware
[slackware-security] dhcp
2011-04-07 05:49:25
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:54:29
ubuntucve
ubuntucve
CVE-2011-2716
2012-07-03 00:00:00
threatpost
threatpost
Critical RCE Bug Found Lurking in Avaya VoIP Phones
2019-08-08 20:00:50
vmware
vmware
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-07-28 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-07-28 00:00:00
gentoo
gentoo
ISC DHCP: Denial of service
2013-01-09 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.8%
Related for UB:CVE-2011-0997