oss-sec mailing list archives

Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options

From: Josh Bressers <bressers () redhat com>
Date: Thu, 19 May 2011 14:47:15 -0400 (EDT)

----- Original Message -----

Related to CVE-2011-0997

ipconfig vulnerability for malicious dhcpd if $DNSDOMAIN is later
used unquoted, than proof of concept involves
DNSDOMAIN="\\\"\$(echo owned; touch /tmp/owned)"

fix:
http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=46a0f831582629612f0ff9707ad1292887f26bff
will be part of the just to be released klibc-1.5.22


Please use CVE-2011-1930.

Thanks.

-- 
    JB

Current thread:

[klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options maximilian attems (May 18)
- Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options Dan Rosenberg (May 18)
  - Re: [klibc] [oss-security] CVE request: klibc: ipconfig sh script with unescaped DHCP options maximilian attems (May 18)
    - Re: [klibc] [oss-security] CVE request: klibc: ipconfig sh script with unescaped DHCP options Dan Rosenberg (May 18)
- Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options Josh Bressers (May 19)