DHCP: Red Hat Enterprise Linux Server CVE-2018-1111 Code Execution
This signature detects attempts to exploit a known vulnerability against Red Hat Enterprise Linux Server. A successful exploit could allow the attacker to inject and execute arbitrary script commands with root privileges on the system.
Extended Description
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
Affected Products
Redhat enterprise_linux_workstation
References
BugTraq: 104195
CVE: CVE-2018-1111
URL: https://github.com/knqyf263/CVE-2018-1111/ https://bugzilla.redhat.com/show_bug.cgi?id=1578362
Short Name
DHCP:OPT:REDHAT-CLIENT-SCRIPT
Severity
Major
Recommended
False
Recommended Action
None
Category
DHCP
Keywords
CVE-2018-1111 Code Enterprise Execution Hat Linux Red Server bid:104195
Release Date
05/28/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Rarely
Vendors
Fedoraproject
Redhat
CVSS Score
7.9