CVE-2011-2716

Published: Jul 3, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://downloads.avaya.com/css/P8/documents/100158840

x_refsource_CONFIRM

http://www.busybox.net/news.html

x_refsource_CONFIRM

45363

third-party-advisory

x_refsource_SECUNIA

https://support.t-mobile.com/docs/DOC-21994

x_refsource_CONFIRM

https://bugs.busybox.net/show_bug.cgi?id=3979

x_refsource_CONFIRM

RHSA-2012:0810

vendor-advisory

x_refsource_REDHAT

48879

vdb-entry

x_refsource_BID

MDVSA-2012:129

vendor-advisory

x_refsource_MANDRIVA

20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

mailing-list

x_refsource_FULLDISC

20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html

x_refsource_MISC

20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-2716

Description

Affected Products

References