CVE-2011-0997
dhcp3 - missing input sanitizing
EPSS 73.5%
Description
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
How to fix CVE-2011-0997
To remediate CVE-2011-0997, upgrade the affected package to a fixed version below.
- Debian/dhcp3—upgrade to 3.1.1-6+lenny5 or later
- Debian/isc-dhcp—upgrade to 4.1.1-P1-16.1 or later
- —upgrade to 4.1.1-P1-15+squeeze2 or later
Is CVE-2011-0997 being exploited?
Likely — EPSS is 73.5%, placing CVE-2011-0997 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (3)
- from 0, < 3.1.1-6+lenny5
- from 0, < 4.1.1-P1-16.1
- from 0, < 4.1.1-P1-15+squeeze2