Joined: 12 May 2004
|Posted: Wed Jan 09, 2013 2:26 am Post subject: [ GLSA 201301-04 ] dhcpcd: Arbitrary code execution
|Gentoo Linux Security Advisory
Title: dhcpcd: Arbitrary code execution (GLSA 201301-04)
Date: January 09, 2013
A vulnerability has been found in dhcpcd, allowing remote attackers
to execute arbitrary code on the DHCP client.
dhcpcd is a fully featured, yet light weight RFC2131 compliant DHCP
Vulnerable: < 5.2.12
Unaffected: >= 5.2.12
Architectures: All supported architectures
A vulnerability has been discovered in dhcpcd. Please review the CVE
identifier referenced below for details.
The vulnerability might allow an attacker to execute arbitrary code on
the DHCP client.
There is no known workaround at this time.
All dhcpcd users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/dhcpcd-5.2.12"