ISC.DHCP.dhclient.Network.Configuration.Command.Injection

description-logoDescription

This indicates an attack attempt against a Command Injection vulnerability in ISC DHCP.
The vulnerability is caused by an error when the vulnerable software handles a malicious DHCP Request. As a result, a remote attacker can exploit this to execute arbitrary script code within the context of the application.

affected-products-logoAffected Products

ISC DHCP dhclient Prior to 3.1-ESV-R1
ISC DHCP dhclient Prior to 4.1-ESV-R2
ISC DHCP dhclient Prior to 4.2.1-P1

Impact logoImpact

System Compromise: Remote attackers can run arbitrary commands on vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version.
http://www.isc.org/software/dhcp

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-10-31 22.424 Sig Added
2019-06-13 14.632 Sig Added