Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DHCP:SERVER:ISC-CMD-INJ

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 DHCP

Keywords

 ISC Network Configuration Script Command Injection

Release Date

 2011/06/20

Update Number

 1942

Supported Platforms

 idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DHCP: ISC Network Configuration Script Command Injection


This signature detects attempts to exploit a known vulnerability against ISC DHCP server. It is due to insufficient validation of responses sent by ISC DHCP server. A successful attack can lead to arbitrary command injection on the DHCP client.

Extended Description

The ISC DHCP client 'dhclient' is prone to a remote code-execution vulnerability because it fails to properly escape certain shell meta-characters from DHCP server responses. A remote attacker can exploit this issue through a rogue DHCP server. Successfully exploiting this issue allows a remote attacker to execute arbitrary code with superuser privileges, resulting in a complete compromise of the affected computer.

Affected Products

  • Apple AirPort Express Base Station with 802.11n Firmware 7.4.1
  • Apple AirPort Express Base Station with 802.11n Firmware 7.5.2
  • Apple Time Capsule Firmware 7.4.1
  • Apple Time Capsule Firmware 7.4.2
  • Apple Time Capsule Firmware 7.5
  • Apple Time Capsule Firmware 7.5.2
  • Apple Time Capsule
  • Avaya Aura Conferencing 6.0
  • Avaya Aura Conferencing 6.0.0 Standard
  • Avaya Aura Conferencing 6.0 SP1 Standard
  • Avaya Aura Conferencing 6.0 Standard
  • Avaya Aura Presence Services 6.0
  • Avaya Aura Presence Services 6.1
  • Avaya Aura SIP Enablement Services 5.2.1
  • Avaya Aura System Manager 5.2
  • Avaya Aura System Manager 6.0
  • Avaya Aura System Manager 6.0 SP1
  • Avaya Aura System Manager 6.1
  • Avaya Aura System Manager 6.1.1
  • Avaya Aura System Manager 6.1 Sp1
  • Avaya Aura System Manager 6.1 SP2
  • Avaya Aura System Platform 1.1
  • Avaya Aura System Platform 6.0
  • Avaya Aura System Platform 6.0 SP2
  • Avaya Aura System Platform 6.0 SP3
  • Avaya IP Office Application Server 6.0
  • Avaya IP Office Application Server 6.1
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Avaya IQ 5.2
  • Avaya Meeting Exchange 5.1
  • Avaya Meeting Exchange 5.1 SP1
  • Avaya Meeting Exchange 5.2
  • Avaya Meeting Exchange 5.2 SP1
  • Avaya Meeting Exchange 5.2 SP2
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.1 SP1
  • Avaya Messaging Storage Server 5.1 SP2
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server 5.2.2
  • Avaya Messaging Storage Server 5.2.8
  • Avaya Messaging Storage Server 5.2 SP1
  • Avaya Messaging Storage Server 5.2 SP2
  • Avaya Messaging Storage Server 5.2 SP3
  • Citrix XenServer 5.0 Update 3
  • Citrix XenServer 5.5
  • Citrix XenServer 5.6
  • Citrix XenServer 5.6 Common Criteria
  • Citrix XenServer 5.6 Feature Pack 1
  • Citrix XenServer 5.6 SP2
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • HP Insight Control for Linux (IC-Linux) 7.0
  • ISC DHCP Client 3.0
  • ISC DHCP Client 3.0.0 B1
  • ISC DHCP Client 3.0.0 B1pl14
  • ISC DHCP Client 3.0.0 B1pl17
  • ISC DHCP Client 3.1.2P1
  • ISC DHCP Client 4.0
  • ISC DHCP Client 4.0.1P1
  • ISC DHCP Client 4.0.2-P1
  • ISC DHCP Client 4.1
  • ISC DHCP Client 4.1.0P1
  • ISC DHCP Client 4.1.1-P1
  • ISC DHCPD 3.0.0
  • ISC DHCPD 3.0.0 B2pl23
  • ISC DHCPD 3.0.0 B2pl9
  • ISC DHCPD 3.0.0 Pl1
  • ISC DHCPD 3.0.0 Pl2
  • ISC DHCPD 3.0.0 Rc12
  • ISC DHCPD 3.0.0 Rc4
  • ISC DHCPD 3.0.1 Rc1
  • ISC DHCPD 3.0.1 Rc10
  • ISC DHCPD 3.0.1 Rc11
  • ISC DHCPD 3.0.1 Rc12
  • ISC DHCPD 3.0.1 Rc13
  • ISC DHCPD 3.0.1 Rc14
  • ISC DHCPD 3.0.1 Rc2
  • ISC DHCPD 3.0.1 Rc3
  • ISC DHCPD 3.0.1 Rc4
  • ISC DHCPD 3.0.1 Rc5
  • ISC DHCPD 3.0.1 Rc6
  • ISC DHCPD 3.0.1 Rc7
  • ISC DHCPD 3.0.1 Rc8
  • ISC DHCPD 3.0.1 Rc9
  • ISC DHCPD 3.0.2Rc1
  • ISC DHCPD 3.0.4
  • ISC DHCPD 3.0.5B1
  • ISC DHCPD 3.1.1
  • ISC DHCPD 4.0
  • ISC DHCPD 4.0.1P1
  • ISC DHCPD 4.0.2-P1
  • ISC DHCPD 4.1
  • ISC DHCPD 4.1.1
  • ISC DHCPD 4.1.1-P1
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2010.0
  • Mandriva Linux Mandrake 2010.0 X86 64
  • Mandriva Linux Mandrake 2010.1
  • Mandriva Linux Mandrake 2010.1 X86 64
  • NetBSD 4.0
  • NetBSD 4.0.1
  • NetBSD 4.0.2
  • NetBSD 4,0 Beta
  • NetBSD 4.0 BETA2
  • NetBSD 5.0
  • NetBSD 5.0.1
  • NetBSD 5.0.2
  • NetBSD 5.0 RC3
  • NetBSD 5.1
  • NetBSD Current
  • Pardus Linux 2009
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop 6
  • Red Hat Enterprise Linux Desktop Optional 6
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux HPC Node 6
  • Red Hat Enterprise Linux HPC Node Optional 6
  • Red Hat Enterprise Linux Server 6
  • Red Hat Enterprise Linux Server Optional 6
  • Red Hat Enterprise Linux Workstation 6
  • Red Hat Enterprise Linux Workstation Optional 6
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 13
  • Red Hat Fedora 14
  • Red Hat Fedora 15
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Slackware Linux 13.1
  • Slackware Linux 13.1 X86 64
  • Slackware Linux 9.0.0
  • Slackware Linux 9.1.0
  • Slackware Linux -Current
  • Slackware Linux X86 64 -Current
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE openSUSE 11.4
  • SuSE SUSE Linux Enterprise 10 SP2
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise 10 SP4
  • SuSE SUSE Linux Enterprise 11 SP1
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 ARM
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 LTS
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 10.10 amd64
  • Ubuntu Ubuntu Linux 10.10 ARM
  • Ubuntu Ubuntu Linux 10.10 i386
  • Ubuntu Ubuntu Linux 10.10 powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.10
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 ARM
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc
  • VMWare ESX 3.5
  • VMWare ESX 4.0
  • VMWare ESX 4.0
  • VMWare ESX 4.1
  • VMWare ESX Server 3.0.3
  • VMWare ESX Server 3.5
  • VMWare ESX Server 4.0
  • VMWare ESX Server 4.1

References

  • BugTraq: 47176
  • CVE: CVE-2011-0997

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out