CVE-2011-0997
CVE-2011-0997 is a vulnerability of currently unknown severity. dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. EPSS estimates an 84.17% chance of exploitation in the next 30 days.
Description
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| ISC | DHCP | 3.0 | — |
| ISC | DHCP | 3.0.1 | — |
| ISC | DHCP | 3.0.2 | — |
| ISC | DHCP | 3.0.3 | — |
| ISC | DHCP | 3.0.4 | — |
| ISC | DHCP | 3.0.5 | — |
| ISC | DHCP | 3.0.6 | Rc1 |
| ISC | DHCP | 3.1-esv | — |
| ISC | DHCP | 3.1.0 | — |
| ISC | DHCP | 3.1.1 | Rc1 |
| ISC | DHCP | 3.1.2 | — |
| ISC | DHCP | 3.1.3 | — |
| ISC | DHCP | 4.1-esv | — |
| ISC | DHCP | 4.2.0 | — |
| ISC | DHCP | 4.2.1 | — |
| Debian | Debian Linux | 5.0 | — |
| Debian | Debian Linux | 6.0 | — |
| Debian | Debian Linux | 7.0 | — |
| Canonical | Ubuntu Linux | 6.06 | — |
| Canonical | Ubuntu Linux | 8.04 | — |
| Canonical | Ubuntu Linux | 9.10 | — |
| Canonical | Ubuntu Linux | 10.04 | — |
| Canonical | Ubuntu Linux | 10.10 | — |
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 (Third Party Advisory)
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html (Mailing List, Third Party Advisory)
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html (Mailing List, Third Party Advisory)
- http://marc.info/?l=bugtraq&m=133226187115472&w=2 (Mailing List, Third Party Advisory)
- http://secunia.com/advisories/44037 (Third Party Advisory)
- http://secunia.com/advisories/44048 (Third Party Advisory)
- http://secunia.com/advisories/44089 (Third Party Advisory)
- http://secunia.com/advisories/44090 (Third Party Advisory)
- http://secunia.com/advisories/44103 (Third Party Advisory)
- http://secunia.com/advisories/44127 (Third Party Advisory)
- http://secunia.com/advisories/44180 (Third Party Advisory)
- http://security.gentoo.org/glsa/glsa-201301-06.xml (Third Party Advisory)
- http://securitytracker.com/id?1025300 (Third Party Advisory, VDB Entry)
- http://www.debian.org/security/2011/dsa-2216 (Third Party Advisory)
- http://www.debian.org/security/2011/dsa-2217 (Third Party Advisory)
- http://www.kb.cert.org/vuls/id/107886 (Third Party Advisory, US Government Resource)
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:073 (Third Party Advisory)
- http://www.osvdb.org/71493 (Broken Link)
- http://www.redhat.com/support/errata/RHSA-2011-0428.html (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2011-0840.html (Third Party Advisory)
- http://www.securityfocus.com/bid/47176 (Third Party Advisory, VDB Entry)
- http://www.ubuntu.com/usn/USN-1108-1 (Third Party Advisory)
- http://www.vupen.com/english/advisories/2011/0879 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0886 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0909 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0915 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0926 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0965 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/1000 (Permissions Required)
- https://bugzilla.redhat.com/show_bug.cgi?id=689832 (Issue Tracking, Patch, Third Party Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66580 (Third Party Advisory, VDB Entry)
- https://www.exploit-db.com/exploits/37623/ (Third Party Advisory, VDB Entry)
- https://www.isc.org/software/dhcp/advisories/cve-2011-0997 (Patch, Vendor Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
