Your submission was sent successfully! Close

CVE-2011-0996

Published: 13 April 2011

dhcpcd before 5.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.

Priority

High

Status

Package Release Status
dhcpcd
Launchpad, Ubuntu, Debian
Upstream Needs triage

dhcpcd5
Launchpad, Ubuntu, Debian
Upstream
Released (5.2.12)
Patches:
Upstream: http://roy.marples.name/projects/dhcpcd/changeset/c317b39786ac6c3a939dc711db7c78cf099859fd