LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

dhcp: man-in-the-middle attack

Package(s):dhcp CVE #(s):CVE-2011-0997
Created:April 7, 2011 Updated:May 31, 2011
Description: From the Slackware advisory:

In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server.

Alerts:
Red Hat RHSA-2011:0840-01 2011-05-31
SUSE SUSE-SR:2011:008 2011-05-03
Ubuntu USN-1108-2 2011-04-19
SUSE SUSE-SR:2011:007 2011-04-19
Fedora FEDORA-2011-0848 2011-01-28
CentOS CESA-2011:0428 2011-04-14
Fedora FEDORA-2011-4897 2011-04-06
Ubuntu USN-1108-1 2011-04-11
Mandriva MDVSA-2011:073 2011-04-11
Debian DSA-2217-1 2011-04-10
Debian DSA-2216-1 2011-04-10
CentOS CESA-2011:0428 2011-04-08
openSUSE openSUSE-SU-2011:0321-1 2011-04-08
openSUSE openSUSE-SU-2011:0320-1 2011-04-08
Red Hat RHSA-2011:0428-01 2011-04-08
Slackware SSA:2011-097-01 2011-04-07
Pardus 2011-71 2011-05-02
Gentoo 201301-06 2013-01-09
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds