Security alert: flaw in dhclient allows malicious DHCP server to run privileged commands remotely

Posted by Curtis K in Administration, Announcements, CentOS 6, CentOS 7, News, Security, Security Alerts May, 17 2018 No Comments

A new vulnerability, CVE-2018-1111, has been recently announced; it allows a malicious DHCP server to send a specially crafted response that can run privileged commands on a DHCP client that is running dhclient. This affects dhclient on both Centos Linux 6 and CentOS Linux 7 systems.

RedHat have released an updated to patch the flaw in dhclient. It can be assumed that versions of before dhclient-4.2.5-68.el7 are vulnerable.

yum update dhclient

For more information about the vulnerability, see RedHat’s post here: https://access.redhat.com/security/vulnerabilities/3442151

Tags With: CVE-2018-1111 CentOS CVE-2018-1111 CentOS 6 CVE-2018-1111 CentOS 7 CVE-2018-1111 CentOS Linux CVE-2018-1111 CentOS Linux 6 CVE-2018-1111 CentOS Linux 7 dhclient exploit CentOS dhclient exploit CentOS 6 dhclient exploit CentOS 7 dhclient exploit CentOS Linux dhclient exploit CentOS Linux 6 dhclient exploit CentOS Linux 7 dhclient vulnerability CentOS dhclient vulnerability CentOS 6 dhclient vulnerability CentOS 7 dhclient vulnerability CentOS Linux dhclient vulnerability CentOS Linux 6 dhclient vulnerability CentOS Linux 7

About Author: Curtis K

Hi! My name is Curtis, and I am the author of CentOS Blog. Please feel free to comment with any suggestions, feedback or questions!

Security alert: flaw in dhclient allows malicious DHCP server to run privileged commands remotely

About Author: Curtis K

Recent Posts

Latest CentOS Kernel version