Fwd: dhclient and CVE-2011-0997...?
    Chuck Swiger 
    cswiger at mac.com
       
    Tue Apr 19 17:20:06 UTC 2011
    
    
  
Hi--
Are folks familiar with:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
  http://www.isc.org/software/dhcp/advisories/cve-2011-0997
  http://nakedsecurity.sophos.com/2011/04/07/flaw-in-iscs-dhclient-could-allow-remote-code-execution/
Checking http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/dhclient/dhclient.c, I don't see signs that it may have been updated.  But, I also can't readily tell which version of dhclient FreeBSD actually has and how much it might have been changed from the ISC version.  :-)
Regards,
-- 
-Chuck
    
    
More information about the freebsd-security
mailing list