CVE-2011-2660

Name of the Vulnerable Software and Affected Versions vpnc versions prior to 0.5.1-55.10.1

Description The issue concerns a potential command execution vulnerability in the modify resolvconf suse script within the vpnc package. This could allow remote attackers to execute arbitrary commands via a crafted DNS domain name, potentially leading to a breach of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out remotely.

Recommendations For versions prior to 0.5.1-55.10.1, update to version 0.5.1-55.10.1 or later to resolve the issue.