dhclient and CVE-2011-0997...?
Patrick Lamaiziere
patfbsd at davenulle.org
Wed Apr 20 07:50:16 UTC 2011
Le Tue, 19 Apr 2011 10:19:46 -0700,
Chuck Swiger <cswiger at mac.com> a écrit :
> Hi--
>
> Are folks familiar with:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
> http://www.isc.org/software/dhcp/advisories/cve-2011-0997
> http://nakedsecurity.sophos.com/2011/04/07/flaw-in-iscs-dhclient-could-allow-remote-code-execution/
>
> Checking
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/dhclient/dhclient.c, I
> don't see signs that it may have been updated. But, I also can't
> readily tell which version of dhclient FreeBSD actually has and how
> much it might have been changed from the ISC version. :-)
FreeBSD uses the OpenBSD dhclient, not the ISC one.
Regards.
More information about the freebsd-security
mailing list