ubuntu · CVE-2011-2716

Quick triage

Priority: negligible Published: 2012-07-03 16:40:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2011-2716 negligible priority: Ubuntu including 1 source packages (busybox), 25 status rows across 25 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hardy, hirsute, lucid, maverick, natty, oneiric, precise, quantal, raring, saucy, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): not-affected 15, ignored 9, released 1.

Description:

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.

cvelogic Threat Intelligence