CVE-2011-2716

描述

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.

受影響套件(1)

• Debian/busyboxfrom 0, < 1:1.20.0-3

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2716