NVD Vulnerability Detail

CVE-2011-0997

Summary	dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Publication Date	April 9, 2011, 12:17 a.m.
Registration Date	Jan. 28, 2021, 4:38 p.m.
Last Update	Nov. 21, 2024, 10:25 a.m.

CVSS2.0 : HIGH
Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:isc:dhcp:3.0.4:b2::::::
cpe:2.3:a:isc:dhcp:3.1.0:b1::::::
cpe:2.3:a:isc:dhcp:3.1.0:a3::::::
cpe:2.3:a:isc:dhcp:3.0.6:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.2:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.0:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.4:b1::::::
cpe:2.3:a:isc:dhcp:3.1.0:a1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc12::::::
cpe:2.3:a:isc:dhcp:3.0:::::::*
cpe:2.3:a:isc:dhcp:3.0.2:b1::::::
cpe:2.3:a:isc:dhcp:3.0.3:b1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.4:b3::::::
cpe:2.3:a:isc:dhcp:3.0.2:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc7::::::
cpe:2.3:a:isc:dhcp:3.1-esv:::::::*
cpe:2.3:a:isc:dhcp:3.0.2:rc3::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc2::::::
cpe:2.3:a:isc:dhcp:3.1.3:b1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc14::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc6::::::
cpe:2.3:a:isc:dhcp:3.0.2:rc2::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc13::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc9::::::
cpe:2.3:a:isc:dhcp:3.0.3:b3::::::
cpe:2.3:a:isc:dhcp:3.1.1:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.0:a2::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc8::::::
cpe:2.3:a:isc:dhcp:3.0.3:b2::::::
cpe:2.3:a:isc:dhcp:3.1.2:b1::::::
cpe:2.3:a:isc:dhcp:3.1.3:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc10::::::
cpe:2.3:a:isc:dhcp:3.0.5:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc11::::::
cpe:2.3:a:isc:dhcp:3.1.1:rc2::::::
cpe:2.3:a:isc:dhcp:3.0.4:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.0:b2::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc5::::::
cpe:2.3:a:isc:dhcp:3.0.1:-::::::
cpe:2.3:a:isc:dhcp:3.0.2:-::::::
cpe:2.3:a:isc:dhcp:3.0.4:-::::::
cpe:2.3:a:isc:dhcp:3.0.5:-::::::
cpe:2.3:a:isc:dhcp:3.1.0:-::::::
cpe:2.3:a:isc:dhcp:3.1.2:-::::::
cpe:2.3:a:isc:dhcp:3.1.3:-::::::
cpe:2.3:a:isc:dhcp:3.0.3:-::::::

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:isc:dhcp:4.2.0:b2::::::
cpe:2.3:a:isc:dhcp:4.2.0:a2::::::
cpe:2.3:a:isc:dhcp:4.2.0:b1::::::
cpe:2.3:a:isc:dhcp:4.2.1:rc1::::::
cpe:2.3:a:isc:dhcp:4.2.0:a1::::::
cpe:2.3:a:isc:dhcp:4.1-esv:rc1::::::
cpe:2.3:a:isc:dhcp:4.2.1:b1::::::
cpe:2.3:a:isc:dhcp:4.2.0:rc1::::::
cpe:2.3:a:isc:dhcp:4.2.0:p1::::::
cpe:2.3:a:isc:dhcp:4.1-esv:-::::::
cpe:2.3:a:isc:dhcp:4.2.0:-::::::
cpe:2.3:a:isc:dhcp:4.2.1:-::::::

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:5.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:6.0:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*

Related information, measures and tools

No	URL	タグ
1	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761	Third Party Advisory
2	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html	Mailing List Third Party Advisory
3	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html	Mailing List Third Party Advisory
4	http://marc.info/?l=bugtraq&m=133226187115472&w=2	Mailing List Third Party Advisory
5	http://marc.info/?l=bugtraq&m=133226187115472&w=2	Mailing List Third Party Advisory
6	http://secunia.com/advisories/44037	Third Party Advisory
7	http://secunia.com/advisories/44048	Third Party Advisory
8	http://secunia.com/advisories/44089	Third Party Advisory
9	http://secunia.com/advisories/44090	Third Party Advisory
10	http://secunia.com/advisories/44103	Third Party Advisory
11	http://secunia.com/advisories/44127	Third Party Advisory
12	http://secunia.com/advisories/44180	Third Party Advisory
13	http://security.gentoo.org/glsa/glsa-201301-06.xml	Third Party Advisory
14	http://securitytracker.com/id?1025300	Third Party Advisory VDB Entry
15	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345	Third Party Advisory
16	http://www.debian.org/security/2011/dsa-2216	Third Party Advisory
17	http://www.debian.org/security/2011/dsa-2217	Third Party Advisory
18	http://www.kb.cert.org/vuls/id/107886	Third Party Advisory US Government Resource
19	http://www.mandriva.com/security/advisories?name=MDVSA-2011:073	Third Party Advisory
20	http://www.osvdb.org/71493	Broken Link
21	http://www.redhat.com/support/errata/RHSA-2011-0428.html	Third Party Advisory
22	http://www.redhat.com/support/errata/RHSA-2011-0840.html	Third Party Advisory
23	http://www.securityfocus.com/bid/47176	Third Party Advisory VDB Entry
24	http://www.ubuntu.com/usn/USN-1108-1	Third Party Advisory
25	http://www.vupen.com/english/advisories/2011/0879	Permissions Required
26	http://www.vupen.com/english/advisories/2011/0886	Permissions Required
27	http://www.vupen.com/english/advisories/2011/0909	Permissions Required
28	http://www.vupen.com/english/advisories/2011/0915	Permissions Required
29	http://www.vupen.com/english/advisories/2011/0926	Permissions Required
30	http://www.vupen.com/english/advisories/2011/0965	Permissions Required
31	http://www.vupen.com/english/advisories/2011/1000	Permissions Required
32	https://bugzilla.redhat.com/show_bug.cgi?id=689832	Issue Tracking Patch Third Party Advisory
33	https://exchange.xforce.ibmcloud.com/vulnerabilities/66580	Third Party Advisory VDB Entry
34	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12812	Third Party Advisory
35	https://www.exploit-db.com/exploits/37623/	Third Party Advisory VDB Entry
36	https://www.isc.org/software/dhcp/advisories/cve-2011-0997	Patch Vendor Advisory
37	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761	Third Party Advisory
38	https://www.isc.org/software/dhcp/advisories/cve-2011-0997	Patch Vendor Advisory
39	https://www.exploit-db.com/exploits/37623/	Third Party Advisory VDB Entry
40	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12812	Third Party Advisory
41	https://exchange.xforce.ibmcloud.com/vulnerabilities/66580	Third Party Advisory VDB Entry
42	https://bugzilla.redhat.com/show_bug.cgi?id=689832	Issue Tracking Patch Third Party Advisory
43	http://www.vupen.com/english/advisories/2011/1000	Permissions Required
44	http://www.vupen.com/english/advisories/2011/0965	Permissions Required
45	http://www.vupen.com/english/advisories/2011/0926	Permissions Required
46	http://www.vupen.com/english/advisories/2011/0915	Permissions Required
47	http://www.vupen.com/english/advisories/2011/0909	Permissions Required
48	http://www.vupen.com/english/advisories/2011/0886	Permissions Required
49	http://www.vupen.com/english/advisories/2011/0879	Permissions Required
50	http://www.ubuntu.com/usn/USN-1108-1	Third Party Advisory
51	http://www.securityfocus.com/bid/47176	Third Party Advisory VDB Entry
52	http://www.redhat.com/support/errata/RHSA-2011-0840.html	Third Party Advisory
53	http://www.redhat.com/support/errata/RHSA-2011-0428.html	Third Party Advisory
54	http://www.osvdb.org/71493	Broken Link
55	http://www.mandriva.com/security/advisories?name=MDVSA-2011:073	Third Party Advisory
56	http://www.kb.cert.org/vuls/id/107886	Third Party Advisory US Government Resource
57	http://www.debian.org/security/2011/dsa-2217	Third Party Advisory
58	http://www.debian.org/security/2011/dsa-2216	Third Party Advisory
59	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345	Third Party Advisory
60	http://securitytracker.com/id?1025300	Third Party Advisory VDB Entry
61	http://security.gentoo.org/glsa/glsa-201301-06.xml	Third Party Advisory
62	http://secunia.com/advisories/44180	Third Party Advisory
63	http://secunia.com/advisories/44127	Third Party Advisory
64	http://secunia.com/advisories/44103	Third Party Advisory
65	http://secunia.com/advisories/44090	Third Party Advisory
66	http://secunia.com/advisories/44089	Third Party Advisory
67	http://secunia.com/advisories/44048	Third Party Advisory
68	http://secunia.com/advisories/44037	Third Party Advisory
69	http://marc.info/?l=bugtraq&m=133226187115472&w=2	Mailing List Third Party Advisory
70	http://marc.info/?l=bugtraq&m=133226187115472&w=2	Mailing List Third Party Advisory
71	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html	Mailing List Third Party Advisory
72	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html	Mailing List Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html

JVN Vulnerability Information

Apple Time Capsule および AirPort Base Station (802.11n) における複数の脆弱性に対するアップデート

Title	Apple Time Capsule および AirPort Base Station (802.11n) における複数の脆弱性に対するアップデート
Summary	Apple から Apple Time Capsule および AirPort Base Station (802.11n) のファームウェアアップデートが公開されました。
Possible impacts	細工された DHCP レスポンスを処理することで任意のコマンドを実行される可能性があります。
Solution	[アップデートする] Apple が提供する情報をもとにアップデートを行ってください。
Publication Date	Nov. 11, 2011, midnight
Registration Date	Nov. 28, 2011, 2:52 p.m.
Last Update	Nov. 28, 2011, 2:52 p.m.

Affected System

アップル

AirMac (AirPort) ベースステーションファームウェア 7.6 未満

Time Capsule

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-0997	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
National Vulnerability Database (NVD)
2	CVE-2011-0997	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0997

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT5005	http://support.apple.com/kb/HT5005

その他

No	Name	URL
JVN
1	JVNVU#107886	https://jvn.jp/cert/JVNVU107886/
2	JVNVU#309451	https://jvn.jp/cert/JVNVU309451/
US-CERT Vulnerability Note
3	VU#107886	http://www.kb.cert.org/vuls/id/107886

Change Log

No	Changed Details	Date of change
0	[2011年11月28日] 掲載	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:isc:dhcp:3.0.4:b2::::::
cpe:2.3:a:isc:dhcp:3.1.0:b1::::::
cpe:2.3:a:isc:dhcp:3.1.0:a3::::::
cpe:2.3:a:isc:dhcp:3.0.6:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.2:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.0:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.4:b1::::::
cpe:2.3:a:isc:dhcp:3.1.0:a1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc12::::::
cpe:2.3:a:isc:dhcp:3.0:::::::*
cpe:2.3:a:isc:dhcp:3.0.2:b1::::::
cpe:2.3:a:isc:dhcp:3.0.3:b1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.4:b3::::::
cpe:2.3:a:isc:dhcp:3.0.2:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc7::::::
cpe:2.3:a:isc:dhcp:3.1-esv:::::::*
cpe:2.3:a:isc:dhcp:3.0.2:rc3::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc2::::::
cpe:2.3:a:isc:dhcp:3.1.3:b1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc14::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc6::::::
cpe:2.3:a:isc:dhcp:3.0.2:rc2::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc13::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc9::::::
cpe:2.3:a:isc:dhcp:3.0.3:b3::::::
cpe:2.3:a:isc:dhcp:3.1.1:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.0:a2::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc8::::::
cpe:2.3:a:isc:dhcp:3.0.3:b2::::::
cpe:2.3:a:isc:dhcp:3.1.2:b1::::::
cpe:2.3:a:isc:dhcp:3.1.3:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc10::::::
cpe:2.3:a:isc:dhcp:3.0.5:rc1::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc11::::::
cpe:2.3:a:isc:dhcp:3.1.1:rc2::::::
cpe:2.3:a:isc:dhcp:3.0.4:rc1::::::
cpe:2.3:a:isc:dhcp:3.1.0:b2::::::
cpe:2.3:a:isc:dhcp:3.0.1:rc5::::::
cpe:2.3:a:isc:dhcp:3.0.1:-::::::
cpe:2.3:a:isc:dhcp:3.0.2:-::::::
cpe:2.3:a:isc:dhcp:3.0.4:-::::::
cpe:2.3:a:isc:dhcp:3.0.5:-::::::
cpe:2.3:a:isc:dhcp:3.1.0:-::::::
cpe:2.3:a:isc:dhcp:3.1.2:-::::::
cpe:2.3:a:isc:dhcp:3.1.3:-::::::
cpe:2.3:a:isc:dhcp:3.0.3:-::::::

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:isc:dhcp:4.2.0:b2::::::
cpe:2.3:a:isc:dhcp:4.2.0:a2::::::
cpe:2.3:a:isc:dhcp:4.2.0:b1::::::
cpe:2.3:a:isc:dhcp:4.2.1:rc1::::::
cpe:2.3:a:isc:dhcp:4.2.0:a1::::::
cpe:2.3:a:isc:dhcp:4.1-esv:rc1::::::
cpe:2.3:a:isc:dhcp:4.2.1:b1::::::
cpe:2.3:a:isc:dhcp:4.2.0:rc1::::::
cpe:2.3:a:isc:dhcp:4.2.0:p1::::::
cpe:2.3:a:isc:dhcp:4.1-esv:-::::::
cpe:2.3:a:isc:dhcp:4.2.0:-::::::
cpe:2.3:a:isc:dhcp:4.2.1:-::::::