PT-2002-1779 · Suse · Sysconfig

Published

2002-08-12

Updated

2008-09-10

CVE-2002-0758

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions sysconfig package for SuSE version 8.0

Description The ifup-dhcp script in the sysconfig package allows remote attackers to execute arbitrary commands via spoofed DHCP responses. These responses are stored and executed in a file, enabling the attacker to perform unauthorized actions.

Recommendations For SuSE 8.0, consider disabling the ifup-dhcp script until a patch is available to prevent the execution of arbitrary commands via spoofed DHCP responses. Restrict access to the affected script to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0758

Affected Products

Sysconfig

PT-2002-1779 · Suse · Sysconfig

CVE-2002-0758

Related Identifiers

Affected Products

References · 4