What is CVE-2011-0997?

CVE-2011-0997 is a vulnerability in Isc Dhcp, classified under Improper Input Validation. Published 2011-04-08.

Is CVE-2011-0997 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Isc Dhcp

CVE-2011-0997

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, a…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.735 (98.8th percentile) — read the EPSS interpretation.

Affected products

Isc Dhcp — versions 3.0, 3.0.1, 3.0.2
Canonical Ubuntu_linux — versions 6.06, 8.04, 9.10
Debian Debian_linux — versions 5.0, 6.0, 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

c-skills/CVEs

References

47176 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
ADV-2011-0886 (Permissions Required, vdb-entry, x_refsource_VUPEN)
44103 (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
RHSA-2011:0840 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
44037 (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
ADV-2011-0926 (Permissions Required, vdb-entry, x_refsource_VUPEN)
HPSBMU02752 (x_refsource_HP, vendor-advisory, Mailing List, Third Party Advisory)
44127 (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
MDVSA-2011:073 (vendor-advisory, Third Party Advisory, x_refsource_MANDRIVA)

Frequently asked questions

What is CVE-2011-0997?: CVE-2011-0997 is a vulnerability in Isc Dhcp, classified under Improper Input Validation. Published 2011-04-08.
Is CVE-2011-0997 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.