CVE-2011-0997
Published Apr 8, 2011
Last updated 5 years ago
Overview
- Description
- dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "648BBC1F-1792-443F-B625-67A05004EB7E"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA086AC5-9ADF-4EF9-9534-B1C78CD7A56C"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E94449B-6FB0-4E4D-9D92-144A1C474761"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6824B249-D222-4F29-8C29-E92071F12621"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F7A3F32-C297-4331-9B8D-1CF8F3D32315"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc12:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4959ABA-9F2E-4003-9566-DBE3177AE233"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CE2A3CA-EFB6-4547-BED8-CAC39156F10B"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc14:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DE205EE-F708-4E4A-A861-EBF6D3C062F7"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD8EBBF0-A61B-4FF0-B055-9BA2A21617A4"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3141202-993D-4E80-9EAD-ACA6C1343D6E"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E0768D1-37D3-4C17-A3A9-94EA237392AB"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F167B922-DD9E-4DD1-BB8F-B232711BACCD"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E23602E-FFA1-49E2-BF4C-BC5D074517B4"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.1:rc9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DA200FE-D261-4532-AC63-1208611AFE46"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46030C9F-C817-4ACA-A89D-8CCD4DE97B3C"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.2:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A3649A4-BA40-4D8A-AB7C-AE1584459DFA"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.2:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9ADC8A14-E847-4CC5-8FA5-522883DE324F"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.2:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAA0C26C-9B0A-4ACB-9BD7-413F94948545"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.2:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DC6FA47-1F41-465D-8EAD-8116643ADAEF"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87CBA8DD-650D-4A67-924C-B108CEE74BB1"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.3:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D71C1AA-E5F7-454B-9267-FE23E1C2AB31"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.3:b2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D521DF6-AED8-40FA-B183-D469100B8B7F"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.3:b3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD90F626-AC37-491A-A59D-11307D73E27A"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F59B80F0-2FD5-461B-91C7-966BAFB5AB38"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.4:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34D8DF2C-387B-4880-9832-15583272E151"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.4:b2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD78CE26-475D-4D8B-8625-CAE850F6E876"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.4:b3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9338F9AA-41F0-470E-BB49-C1A395376DF0"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.4:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6297233D-6C25-4A10-8F0A-79A8452ABAD3"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AC6F4D8-DD42-49F6-994C-75EFA888FA82"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.5:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9D5A562-AEB5-41D8-9137-65B3100B1F21"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.0.6:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AD8F74D-3F4B-4E25-92C9-D20C63B4B77E"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1-esv:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7928AD6-4E2D-414D-A7E2-6DFB559CA1CC"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD9AE49C-C152-4D0D-AB08-938F54631909"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:a1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7528512B-66EC-4B2C-9158-34199C4A5FCE"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:a2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "106F8860-B068-4B68-8734-206BFD401C3F"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:a3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "240D0880-DC35-41A6-B4F2-F9B73DF4AF59"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6643B661-0253-4036-88D7-AF70B610B627"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:b2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFD04E6D-B418-4BCB-A3A1-CDFDEC271497"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CA10784-1F4A-459B-8FFE-47E9993A63AA"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CF53110-2163-4474-81AC-846E8D502EB8"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.1:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60FEE70E-514D-4481-A9AE-89FBF9E90AAF"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B571E882-C976-4156-BE03-96E52EA7463C"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.2:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7A01E62-5C0B-4CB7-B1A3-A60269D901E7"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.2:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D25667FF-3EDC-4238-ADF5-25EFA4D88EDF"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B954F84E-1046-4A9F-AF86-7E62FDE88C3D"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.3:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D60C4CBE-C104-4A12-B7DD-AFBB2C1C21AE"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:3.1.3:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4033956-E928-42F7-97E9-A2357CEACEE0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F27D0660-2F07-430B-A651-5D0B6AA763C0"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3120B566-2BB6-4A1F-9ED7-E099E2870919"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "150D46FA-873E-4E4F-8192-BCA1076994D7"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56113AB6-8295-4EB7-A003-79049FBB8B4C"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "362DA97E-B940-4649-803F-26D8C1D16DA5"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "950A6BA0-C348-4B89-8C18-F2AFA467649F"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9088D042-F104-4F31-AEBB-75F5A0F03AE5"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F159908A-00E7-4EC8-8342-28182F547C4A"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C49DF07-9612-43C7-9771-B76487B4A9CD"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C6D8D55-DCD2-4E70-B3C6-76F2134DA336"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.1:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0F06FC0-6477-4589-B9CB-24B1F893EF09"
},
{
"criteria": "cpe:2.3:a:isc:dhcp:4.2.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CCA07EB-B0CB-40EE-B62E-DB4C408717B7"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B"
}
],
"operator": "OR"
}
]
}
]