What Are You Looking For?

Sign Up
Synopsis:          Critical: dhcp security update
Advisory ID:       SLSA-2018:1454-1
Issue Date:        2018-05-15
CVE Numbers:       CVE-2018-1111
--

Security Fix(es):

* A command injection flaw was found in the NetworkManager integration
script included in the DHCP client packages in Scientific Linux. A
malicious DHCP server, or an attacker on the local network able to spoof
DHCP responses, could use this flaw to execute arbitrary commands with
root privileges on systems using NetworkManager and configured to obtain
network configuration using the DHCP protocol. (CVE-2018-1111)
--

SL6
  x86_64
    dhclient-4.1.1-53.P1.el6_9.4.x86_64.rpm
    dhcp-common-4.1.1-53.P1.el6_9.4.x86_64.rpm
    dhcp-debuginfo-4.1.1-53.P1.el6_9.4.x86_64.rpm
    dhcp-4.1.1-53.P1.el6_9.4.x86_64.rpm
    dhcp-debuginfo-4.1.1-53.P1.el6_9.4.i686.rpm
    dhcp-devel-4.1.1-53.P1.el6_9.4.i686.rpm
    dhcp-devel-4.1.1-53.P1.el6_9.4.x86_64.rpm
  i386
    dhclient-4.1.1-53.P1.el6_9.4.i686.rpm
    dhcp-common-4.1.1-53.P1.el6_9.4.i686.rpm
    dhcp-debuginfo-4.1.1-53.P1.el6_9.4.i686.rpm
    dhcp-4.1.1-53.P1.el6_9.4.i686.rpm
    dhcp-devel-4.1.1-53.P1.el6_9.4.i686.rpm

- Scientific Linux Development Team

SciLinux: SLSA-2018-1454-1 Critical: dhcp on SL6.x i386/x86_64

A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Scientific Linux

Summary

Critical: dhcp security update



Security Fixes

* A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Scientific Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. (CVE-2018-1111)
SL6 x86_64 dhclient-4.1.1-53.P1.el6_9.4.x86_64.rpm dhcp-common-4.1.1-53.P1.el6_9.4.x86_64.rpm dhcp-debuginfo-4.1.1-53.P1.el6_9.4.x86_64.rpm dhcp-4.1.1-53.P1.el6_9.4.x86_64.rpm dhcp-debuginfo-4.1.1-53.P1.el6_9.4.i686.rpm dhcp-devel-4.1.1-53.P1.el6_9.4.i686.rpm dhcp-devel-4.1.1-53.P1.el6_9.4.x86_64.rpm i386 dhclient-4.1.1-53.P1.el6_9.4.i686.rpm dhcp-common-4.1.1-53.P1.el6_9.4.i686.rpm dhcp-debuginfo-4.1.1-53.P1.el6_9.4.i686.rpm dhcp-4.1.1-53.P1.el6_9.4.i686.rpm dhcp-devel-4.1.1-53.P1.el6_9.4.i686.rpm
- Scientific Linux Development Team

Severity
Advisory ID: SLSA-2018:1454-1
Issued Date: : 2018-05-15
CVE Numbers: CVE-2018-1111

Related News

The Rust Foundation to Develop Training and Certification Program

Dec 3, 2023

Linus Torvalds on the State of Linux Today and How AI Figures in Its Future

Dec 6, 2023

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

Nov 15, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo