Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2011-0997

Published

13 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

High

Impact Analysis

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script..

CVSSv2.0 Score

Severity: High
Base Score: 7.5/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 6.4/10
Confidentiality Impact: Partial
Availability Impact: Partial
Integrity Impact: Partial

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:isc:dhcp:3.0.4:b2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:a3::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.6:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.2:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.4:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:a1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc12::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0:::::::*	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.2:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.3:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.4:b3::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.2:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc7::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1-esv:::::::*	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.2:rc3::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.3:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc14::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc6::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.2:rc2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc13::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc9::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.3:b3::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.1:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:a2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc8::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.3:b2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.2:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.3:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc10::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.5:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc11::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.1:rc2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.4:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:b2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:rc5::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.1:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.2:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.4:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.5:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.0:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.2:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.1.3:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:3.0.3:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:b2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:a2::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.1:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:a1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.1-esv:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.1:b1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:rc1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:p1::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.1-esv:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.0:-::::::	Yes	-	-
cpe:2.3:a:isc:dhcp:4.2.1:-::::::	Yes	-	-
cpe:2.3:o:debian:debian_linux:5.0:::::::*	Yes	-	-
cpe:2.3:o:debian:debian_linux:7.0:::::::*	Yes	-	-
cpe:2.3:o:debian:debian_linux:6.0:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2011-0997

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2011-0997

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References