| |||||||||||||||||||
Pardus alert 2011-78 (dhcpcd)
------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-78 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2011-05-26 Severity: 3 Type: Remote ------------------------------------------------------------------------ Summary ======= A vulnerability has been fixed in dhcpcd, which allows attackers to execute arbitrary commands. Description =========== CVE-2011-0996: dhcpcd before 5.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. Affected packages: Pardus 2009: dhcpcd, all before 5.1.5-22-7 Pardus 2011: dhcpcd, all before 5.2.12-31-p11 Resolution ========== There are update(s) for dhcpcd. You can update them via Package Manager or with a single command from console: Pardus 2009: pisi up dhcpcd Pardus 2011: pisi up dhcpcd References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=17803 ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list Pardus-Security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security (Log in to post comments)
|
|||||||||||||||||||