klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution
| EKU-ID: 40376 | CVE: CVE-2011-1930;OSVDB-73394 | OSVDB-ID: |
| Author: maximilian attems | Published: 2011-05-18 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 40376 | CVE: CVE-2011-1930;OSVDB-73394 | OSVDB-ID: |
| Author: maximilian attems | Published: 2011-05-18 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/47924/info klibc is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary shell commands in the context of the application that uses the vulnerable library. Versions prior to klibc 1.5.22 are vulnerable. DNSDOMAIN="\\\"\$(echo owned; touch /tmp/owned)"