Ubuntu
dhcp3 package

dhclient does not strip or escape shell meta-characters

Bug #753580 reported by Dmitry on 2011-04-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	dhcp3 (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

dhclient doesn't strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client.

See also: http://www.isc.org/software/dhcp/advisories/cve-2011-0997

See original description

Tags:

CVE References

2011-0997

Dmitry (dmitry-korolyov) on 2011-04-07

tags:

added: security

Dmitry (dmitry-korolyov) on 2011-04-07

description:

updated

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2011-04-11:

Updated for this were released today.
See USN-1108-1.

Changed in dhcp3 (Ubuntu):
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntudhcp3 package