Vulnerability Description
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phystech | Dhcpcd | 1.3.17_pl2 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000549
- http://marc.info/?l=bugtraq&m=104189546709447&w=2
- http://www.debian.org/security/2002/dsa-219PatchVendor Advisory
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:003
- http://www.securityfocus.com/bid/6200
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10663
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000549
- http://marc.info/?l=bugtraq&m=104189546709447&w=2
- http://www.debian.org/security/2002/dsa-219PatchVendor Advisory
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:003
- http://www.securityfocus.com/bid/6200
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10663
FAQ
What is CVE-2002-1403?
CVE-2002-1403 is a vulnerability with a CVSS score of 7.2 (HIGH). dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
How severe is CVE-2002-1403?
CVE-2002-1403 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1403?
Check the references section above for vendor advisories and patch information. Affected products include: Phystech Dhcpcd.