Vulnerabilties DdQs2lwX4AEVD2i

Published on May 16th, 2018 📆 | 5005 Views ⚑

0

CVE-2018-1111: Red Hat DHCP Client Script Code Execution Vulnerability

On May 15, Red Hat officially issued a notice that it fixed a DHCP Client related vulnerability(CVE-2018-1111). When the system uses NetworkManager and configures the DHCP protocol, an attacker can use a malicious DHCP server or DHCP response constructed by the local network to execute arbitrary commands on the system with root privileges.

 

▼Advertisement

CVE-2018-1111 Affected Versions

  • Red Hat Enterprise Linux Server 6
  • Red Hat Enterprise Linux Server 7

CVE-2018-1111 Unaffected Version

Product Package Advisory/Update
Red Hat Enterprise Linux 7 (z-stream) dhclient RHSA-2018:1453
Red Hat Enterprise Linux 7.4 Extended Update Support * dhclient RHSA-2018:1455
Red Hat Enterprise Linux 7.3 Extended Update Support * dhclient RHSA-2018:1456
Red Hat Enterprise Linux 7.2 Advanced Update Support, Telco Extended Update Support, and Update Services for SAP Solutions **,***,**** dhclient RHSA-2018:1457
Red Hat Enterprise Linux 6 (z-stream) dhclient RHSA-2018:1454
Red Hat Enterprise Linux 6.7 Extended Update Support * dhclient RHSA-2018:1458
Red Hat Enterprise Linux 6.6 Advanced Update Support and Telco Extended Update Support **,*** dhclient RHSA-2018:1459
Red Hat Enterprise Linux 6.5 Advanced Update Support ** dhclient RHSA-2018:1460
Red Hat Enterprise Linux 6.4 Advanced Update Support  ** dhclient RHSA-2018:1461

Solution

The official version of Red Hat has released a new version to fix the above vulnerabilities. Users should upgrade and protect them in time.

Because NetworkManager is enabled by default in a DHCP-based environment, it is strongly recommended that affected users install updates as soon as possible.

Download WordPress Themes
Free Download WordPress Themes
Download Best WordPress Themes Free Download
Free Download WordPress Themes
free download udemy paid course



Leave a Reply ✍


loading...