Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24453

HistoryApr 10, 2020 - 12:54 a.m.

Arbitrary Code Execution

2020-04-1000:54:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

dhcp is vulnerable to arbitrary code execution. It was discovered that the DHCP client daemon, dhclient, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option’s value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process.

CPENameOperatorVersion
dhcpeq3.0.5__3.el5
dhcpeq3.0.5__13.el5
dhcpeq3.0.5__21.el5
dhcpeq3.0.5__5.el5
dhcpeq3.0.5__21.el5_4.1
dhcpeq3.0.1__62.el4_7.1
dhcpeq3.0.5__7.el5
dhcpeq3.0.5__18.el5
dhcpeq3.0.1__65.el4_8.1

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html

lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html

marc.info/?l=bugtraq&m=133226187115472&w=2

secunia.com/advisories/44037

secunia.com/advisories/44048

secunia.com/advisories/44089

secunia.com/advisories/44090

secunia.com/advisories/44103

secunia.com/advisories/44127

secunia.com/advisories/44180

security.gentoo.org/glsa/glsa-201301-06.xml

securitytracker.com/id?1025300

slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345

www.debian.org/security/2011/dsa-2216

www.debian.org/security/2011/dsa-2217

www.kb.cert.org/vuls/id/107886

www.mandriva.com/security/advisories?name=MDVSA-2011:073

www.osvdb.org/71493

www.redhat.com/support/errata/RHSA-2011-0428.html

www.redhat.com/support/errata/RHSA-2011-0840.html

www.securityfocus.com/bid/47176

www.ubuntu.com/usn/USN-1108-1

www.vupen.com/english/advisories/2011/0879

www.vupen.com/english/advisories/2011/0886

www.vupen.com/english/advisories/2011/0909

www.vupen.com/english/advisories/2011/0915

www.vupen.com/english/advisories/2011/0926

www.vupen.com/english/advisories/2011/0965

www.vupen.com/english/advisories/2011/1000

access.redhat.com/errata/RHSA-2011:0428

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=689832

exchange.xforce.ibmcloud.com/vulnerabilities/66580

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12812

www.exploit-db.com/exploits/37623/

www.isc.org/software/dhcp/advisories/cve-2011-0997

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P