Oval Definition:oval:org.mitre.oval:def:21712
Revision Date:2015-03-09Version:12
Title:RHSA-2011:0428: dhcp security update (Important)
Description:dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2011:0428-CentOS 5
CVE-2011-0997
RHSA-2011:0428-01
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):dhcp
Definition Synopsis
  • Red Hat Enterprise Linux 5 and CentOS Linux 5 release section
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages match section
  • dhcp is earlier than 12:3.0.5-23.el5_6.4
  • OR dhcp-devel is earlier than 12:3.0.5-23.el5_6.4
  • OR libdhcp4client-devel is earlier than 12:3.0.5-23.el5_6.4
  • OR dhclient is earlier than 12:3.0.5-23.el5_6.4
  • OR libdhcp4client is earlier than 12:3.0.5-23.el5_6.4
  • Red Hat Enterprise Linux 6 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages match section
  • dhclient is earlier than 12:4.1.1-12.P1.el6_0.4
  • OR dhcp is earlier than 12:4.1.1-12.P1.el6_0.4
  • OR dhcp-debuginfo is earlier than 12:4.1.1-12.P1.el6_0.4
  • OR dhcp-devel is earlier than 12:4.1.1-12.P1.el6_0.4
  • BACK