7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.8%
a. Service Console update for DHCPThe DHCP client daemon, dhclient, does not properly sanatize certain options in DHCP server replies. An attacker could send a specially crafted DHCP server reply, that is saved on the client system and evaluated by a process that assumes the option is trusted. This could lead to arbitrary code execution with the privileges of the evaluating process.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0997 to this issue.Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
CPE | Name | Operator | Version |
---|---|---|---|
esx | lt | ESX410-201107405-SG | |
esx | lt | ESX400-201110406-SG | |
esx | lt | ESX350-201203405-SG | |
esx | lt | ESX410-201107406-SG | |
esx | lt | ESX400-201110408-SG |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0296
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0536
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659