Vulnerability CVE-2011-0997: Information

Description

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.

Severity: HIGH (7.5)

Published: April 8, 2011
Modified: April 1, 2020
Weakness type identifier: CWE-20

References to Advisories, Solutions, and Tools

Reference
Resource
44037
  • Third Party Advisory
71493
  • Broken Link
ADV-2011-0879
  • Permissions Required
1025300
  • Third Party Advisory
  • VDB Entry
47176
  • Third Party Advisory
  • VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=689832
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://www.isc.org/software/dhcp/advisories/cve-2011-0997
  • Patch
  • Vendor Advisory
VU#107886
  • Third Party Advisory
  • US Government Resource
44048
  • Third Party Advisory
44127
  • Third Party Advisory
FEDORA-2011-4897
  • Mailing List
  • Third Party Advisory
44089
  • Third Party Advisory
RHSA-2011:0428
  • Third Party Advisory
ADV-2011-0915
  • Permissions Required
44103
  • Third Party Advisory
DSA-2217
  • Third Party Advisory
MDVSA-2011:073
  • Third Party Advisory
ADV-2011-0965
  • Permissions Required
44090
  • Third Party Advisory
FEDORA-2011-4934
  • Mailing List
  • Third Party Advisory
44180
  • Third Party Advisory
ADV-2011-0926
  • Permissions Required
SSA:2011-097-01
  • Third Party Advisory
DSA-2216
  • Third Party Advisory
ADV-2011-0886
  • Permissions Required
ADV-2011-0909
  • Permissions Required
USN-1108-1
  • Third Party Advisory
ADV-2011-1000
  • Permissions Required
RHSA-2011:0840
  • Third Party Advisory
HPSBMU02752
  • Mailing List
  • Third Party Advisory
GLSA-201301-06
  • Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
  • Third Party Advisory
iscdhcp-dhclient-command-execution(66580)
  • Third Party Advisory
  • VDB Entry
37623
  • Third Party Advisory
  • VDB Entry
oval:org.mitre.oval:def:12812
  • Third Party Advisory
      Configuration 1

      cpe:2.3:a:isc:dhcp:3.0.4:b2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:a3:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.6:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.2:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.4:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:a1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc12:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0:*:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.2:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.3:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.4:b3:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.2:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc7:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1-esv:*:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.2:rc3:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.3:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc14:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc6:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.2:rc2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc13:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc9:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.3:b3:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.1:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:a2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc8:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.3:b2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.2:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.3:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc10:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.5:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc11:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.1:rc2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.4:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:b2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:rc5:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.1:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.2:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.4:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.5:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.0:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.2:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.1.3:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:3.0.3:-:*:*:*:*:*:*

      Configuration 2

      cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.1:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.1:b1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*

      cpe:2.3:a:isc:dhcp:4.2.1:-:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

      cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

      cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

      cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*

      cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

      cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

      cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*