Full Disclosure mailing list archives
Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997)
From: coderman <coderman () gmail com>
Date: Wed, 6 Apr 2011 14:07:02 -0700
On Wed, Apr 6, 2011 at 1:31 PM, <Valdis.Kletnieks () vt edu> wrote:
... (Yes, I've seen more than misconfigured getup that was serving up a FQDN for hostname and "" for domainname. You'd think hotels, coffeeshops, and the like would have enough sense to contract out to competent providers rather than try to do it themselves. ;)
~_~; wonder how many servers this same trick works on in opposite direction. [they'd have to fix after leasing to '\vrm -rf /' ... get to work Valdis! ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) Ryan Sears (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) Marcus Meissner (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) Valdis . Kletnieks (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) coderman (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) Valdis . Kletnieks (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) coderman (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) Nick FitzGerald (Apr 06)
- Re: ISC DHCP Client [3.0.x to 4.2.x] Arbitrary Command Execution (CVE-2011-0997) coderman (Apr 06)