ISC.DHCP.dhclient.Network.Configuration.Command.Injection
Description
This indicates an attack attempt against a Command Injection vulnerability in ISC DHCP.
The vulnerability is caused by an error when the vulnerable software handles a malicious DHCP Request. As a result, a remote attacker can exploit this to execute arbitrary script code within the context of the application.
Affected Products
ISC DHCP dhclient Prior to 3.1-ESV-R1
ISC DHCP dhclient Prior to 4.1-ESV-R2
ISC DHCP dhclient Prior to 4.2.1-P1
Impact
System Compromise: Remote attackers can run arbitrary commands on vulnerable systems.
Recommended Actions
Upgrade to the latest version.
http://www.isc.org/software/dhcp
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |