Launchpad CVE tracker

CVE 2011-2716

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.

See the

CVE page on Mitre.org for more details.

References

MISC: http://packetstormsecu...
MISC: http://seclists.org/fu...
MISC: https://seclists.org/b...
MISC: http://seclists.org/fu...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.mandriva.co...
MISC: http://rhn.redhat.com/...
MISC: http://downloads.avaya...
MISC: http://www.busybox.net...
MISC: https://bugs.busybox.n...
MISC: https://support.t-mobi...

Launchpad.net

CVE 2011-2716

Related bugs

References