Synthesis of the vulnerability 
An attacker owning a malicious DHCP server can return a special hostname, in order to inject a shell command in dhcp6c.
Impacted products: Unix (platform) ~ not comprehensive.
Severity of this bulletin: 2/4.
Creation date: 25/07/2011.
References of this threat: CVE-2011-2717, VIGILANCE-VUL-10869.
Description of the vulnerability 
The Linux dhcp6c program queries a DHCP server, in order to obtain an IPv6 address and a computer name.
However, a malicious or corrupted DHCP server can return a computer name like:
beginName`command`endName
beginName;command;endName
As dhclient does not filter special shell characters, the shell command received from the server is run on the client.
An attacker owning a malicious DHCP server can therefore return a special hostname, in order to inject a shell command in dhcp6c.
This vulnerability is the same as VIGILANCE-VUL-10522 which impacts ISC dhclient.
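The missing filter described above, as an added example (not code from dhcp6c or from this bulletin): an allow-list check that a DHCP client could apply to a server-supplied hostname before the value reaches any shell script. The function name hostname_is_safe and the first sample name are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not from dhcp6c. Returns 1 only for names made of
 * dot-separated labels of 1-63 ASCII letters, digits or '-', where no label
 * starts or ends with '-' and the whole name is at most 253 bytes.
 * Everything else, including shell metacharacters, is rejected. */
int hostname_is_safe(const char *name)
{
    size_t total, i, label_len = 0;
    char prev = '.';
    if (name == NULL)
        return 0;
    total = strlen(name);
    if (total == 0 || total > 253)
        return 0;
    for (i = 0; i < total; i++) {
        char c = name[i];
        int ldh = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                  (c >= '0' && c <= '9') || c == '-';

        if (c == '.') {
            if (label_len == 0 || prev == '-')
                return 0;           /* empty label, or label ends in '-' */
            label_len = 0;
        } else if (ldh) {
            if (c == '-' && label_len == 0)
                return 0;           /* label starts with '-' */
            if (++label_len > 63)
                return 0;           /* label too long */
        } else {
            return 0;               /* '`', ';', '$', spaces, quotes, ... */
        }
        prev = c;
    }
    return label_len > 0 && prev != '-';   /* also rejects a trailing '.' */
}

int main(void)
{
    /* Constructed samples; the second and third are the patterns quoted above. */
    const char *samples[] = { "client-01.example.org",
                              "beginName`command`endName",
                              "beginName;command;endName" };
    for (size_t n = 0; n < sizeof samples / sizeof samples[0]; n++)
        printf("%-28s %s\n", samples[n],
               hostname_is_safe(samples[n]) ? "accept" : "reject");
    return 0;
}
```

Rejecting the value outright, rather than trying to escape it, keeps the check independent of whichever shell the client's scripts run under.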
This computer vulnerability bulletin impacts software or systems such as Unix (platform) ~ not comprehensive.
Our Vigilance Vulnerability Alerts team determined that the severity of this vulnerability bulletin is medium.
The trust level is "confirmed by the editor", with an origin of LAN.
An attacker with expert ability can exploit this threat.