[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#635548: Affected by variant of CVE-2011-0097

27.07.2011 00:52, Moritz Muehlenhoff wrote:
> Package: udhcpc
> Severity: grave
> Tags: security
> Dear Busybox maintainers,
> it was discovered that busybox's udhcpc is also affected by 
> https://www.isc.org/software/dhcp/advisories/cve-2011-0997 


How about checking various IP addresses for range?
I mean, a rogue DHCP server may assign some
address to the client, and try to bypass some "non-localhost"
restrictions on it.  Should we try to detect and filter these

And what if we're a (small) LAN connected to an ISP which uses
DHCP, and assigns an address from our own LAN to their end?

Shouldn't this all be filtered/checked in the script that gets
called by the server?  But wait, there are many unsuspecting
scripts out there already... :(

I'll take a look what can be done with this.



Reply to: