CVE-2011-2717

Summary

The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.

Affected Software

VendorProductVersion RangeStatus
dhcpv6 projectdhcpv6through 2011-07-25affected

Weaknesses

  • insufficient checking of DHCP options

ADP Enrichment

CVE Program Container

Additional References

References