Details of VAR-201104-0082

ID

VAR-201104-0082

CVE

CVE-2011-0997

TITLE

ISC dhclient vulnerability

Trust: 0.8

sources: CERT/CC: VU#107886

DESCRIPTION

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. In addition, ISC Has released the following vulnerability information. Depending on the script and OS, this can result in execution of exploit code on the client."A remote attacker could execute arbitrary code. Apple From Apple Time Capsule and AirPort Base Station (802.11n) Firmware update for has been released.Crafted DHCP Any command may be executed by processing the response. Additionally for Corporate Server 4 and Enterprise Server 5 ISC DHCP has been upgraded from the 3.0.7 version to the 4.1.2-P1 version which brings many enhancements such as better ipv6 support. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have upgraded to the 4.1.2-P1 version and patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 http://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1-RELNOTES https://www.isc.org/software/dhcp/advisories/cve-2011-0997 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 0fe2b147ebdba8b68f69ddc27160db5c 2009.0/i586/dhcp-client-4.1.2-0.4mdv2009.0.i586.rpm f4ee7090da2bec5cb4482f2fa21beb8b 2009.0/i586/dhcp-common-4.1.2-0.4mdv2009.0.i586.rpm a4a5bd2f2d8f4d40a4c60d5dde55307c 2009.0/i586/dhcp-devel-4.1.2-0.4mdv2009.0.i586.rpm 814bc88e335fb03901f326300ae92961 2009.0/i586/dhcp-doc-4.1.2-0.4mdv2009.0.i586.rpm ec52571bb8002e9394b1eb6e6fc95b64 2009.0/i586/dhcp-relay-4.1.2-0.4mdv2009.0.i586.rpm e7fed43b5db92babf8ca3acbd7210b7f 2009.0/i586/dhcp-server-4.1.2-0.4mdv2009.0.i586.rpm 18489ac449e257f1fa9aad9e7a054b45 2009.0/SRPMS/dhcp-4.1.2-0.4mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: b557459f67de2b8ec481d313d9a26cb2 2009.0/x86_64/dhcp-client-4.1.2-0.4mdv2009.0.x86_64.rpm b4ea7a9670866fff6cd3f4eb77073a84 2009.0/x86_64/dhcp-common-4.1.2-0.4mdv2009.0.x86_64.rpm 4f9a9c9a9815697e17a65b942771e31d 2009.0/x86_64/dhcp-devel-4.1.2-0.4mdv2009.0.x86_64.rpm df18345c665846817880f815af0ad0e8 2009.0/x86_64/dhcp-doc-4.1.2-0.4mdv2009.0.x86_64.rpm eac313ff664e3ea9f8e4c3818d7b7387 2009.0/x86_64/dhcp-relay-4.1.2-0.4mdv2009.0.x86_64.rpm 48cca35591072588de0e1b9f00ca88eb 2009.0/x86_64/dhcp-server-4.1.2-0.4mdv2009.0.x86_64.rpm 18489ac449e257f1fa9aad9e7a054b45 2009.0/SRPMS/dhcp-4.1.2-0.4mdv2009.0.src.rpm Mandriva Linux 2010.0: 88ba2b9d0ccfddf8b1b6f516851d08ce 2010.0/i586/dhcp-client-4.1.2-0.4mdv2010.0.i586.rpm 1475209ee7b9fb9b7f26ad5b20afcdcf 2010.0/i586/dhcp-common-4.1.2-0.4mdv2010.0.i586.rpm ea29d2bfd21b02a56057cd36dc21f43a 2010.0/i586/dhcp-devel-4.1.2-0.4mdv2010.0.i586.rpm 067c3ac4f7530e447f82bbe4326253a3 2010.0/i586/dhcp-doc-4.1.2-0.4mdv2010.0.i586.rpm 409516cfb0004d5f4522040b81433ce7 2010.0/i586/dhcp-relay-4.1.2-0.4mdv2010.0.i586.rpm a23871dfa6632571cdf4a2559941ad89 2010.0/i586/dhcp-server-4.1.2-0.4mdv2010.0.i586.rpm 265c9ec68af7e23baf8b1b6fcc4cc64f 2010.0/SRPMS/dhcp-4.1.2-0.4mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 403dfe148141d926bc2f5e31c18360ba 2010.0/x86_64/dhcp-client-4.1.2-0.4mdv2010.0.x86_64.rpm 2cd0331b9935442a68d606e1d58b0608 2010.0/x86_64/dhcp-common-4.1.2-0.4mdv2010.0.x86_64.rpm 80a31ea430793ce9d2269c9d31aa03bd 2010.0/x86_64/dhcp-devel-4.1.2-0.4mdv2010.0.x86_64.rpm d5053dc644215e70dfc5380afdbc90c4 2010.0/x86_64/dhcp-doc-4.1.2-0.4mdv2010.0.x86_64.rpm 377fe3099561dd0a795617977164b91f 2010.0/x86_64/dhcp-relay-4.1.2-0.4mdv2010.0.x86_64.rpm 57b98ba8696c7a7d20ab96a823f4ff0d 2010.0/x86_64/dhcp-server-4.1.2-0.4mdv2010.0.x86_64.rpm 265c9ec68af7e23baf8b1b6fcc4cc64f 2010.0/SRPMS/dhcp-4.1.2-0.4mdv2010.0.src.rpm Mandriva Linux 2010.1: 5b603213aa47a9772cf786ae6ee046da 2010.1/i586/dhcp-client-4.1.2-0.4mdv2010.2.i586.rpm 3046be07aaa09d1b39fcc8c07ef25e58 2010.1/i586/dhcp-common-4.1.2-0.4mdv2010.2.i586.rpm 1b5a481f6db0b53e666884cfda6ac44c 2010.1/i586/dhcp-devel-4.1.2-0.4mdv2010.2.i586.rpm 279beab531b59a715c946a00bd58fc48 2010.1/i586/dhcp-doc-4.1.2-0.4mdv2010.2.i586.rpm a328ab24b56f1ac03f8f420acd0a3806 2010.1/i586/dhcp-relay-4.1.2-0.4mdv2010.2.i586.rpm f7c61c55748270add2fe45d3245895c8 2010.1/i586/dhcp-server-4.1.2-0.4mdv2010.2.i586.rpm 30d4e8965d393765fb98b425889df126 2010.1/SRPMS/dhcp-4.1.2-0.4mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 27f78c74028b1ea64dbd596c05cfa83f 2010.1/x86_64/dhcp-client-4.1.2-0.4mdv2010.2.x86_64.rpm ab56614386900415fecba15f4c17db13 2010.1/x86_64/dhcp-common-4.1.2-0.4mdv2010.2.x86_64.rpm 535a2eb4b6a4b1f78f47201e0b4249c3 2010.1/x86_64/dhcp-devel-4.1.2-0.4mdv2010.2.x86_64.rpm 64e9bac6fe8f4dbee3e1aebd5d91e977 2010.1/x86_64/dhcp-doc-4.1.2-0.4mdv2010.2.x86_64.rpm 612892e71f2aeddfd8b55cd7ac220247 2010.1/x86_64/dhcp-relay-4.1.2-0.4mdv2010.2.x86_64.rpm 9bb46bca8de30ee4b99bfe09867a3924 2010.1/x86_64/dhcp-server-4.1.2-0.4mdv2010.2.x86_64.rpm 30d4e8965d393765fb98b425889df126 2010.1/SRPMS/dhcp-4.1.2-0.4mdv2010.2.src.rpm Corporate 4.0: f49d86732da26402b022b2d980049c03 corporate/4.0/i586/dhcp-client-4.1.2-0.4.20060mlcs4.i586.rpm acd985bc51c25cc42325befb357b0dcc corporate/4.0/i586/dhcp-common-4.1.2-0.4.20060mlcs4.i586.rpm c01506a802e46af23c8f10a72c6a0eb2 corporate/4.0/i586/dhcp-devel-4.1.2-0.4.20060mlcs4.i586.rpm 81522530fa5e97057d6eeea18ad7bec3 corporate/4.0/i586/dhcp-doc-4.1.2-0.4.20060mlcs4.i586.rpm 2ebfdf7ee9224b7403c4ab5e8370d9ab corporate/4.0/i586/dhcp-relay-4.1.2-0.4.20060mlcs4.i586.rpm c2bbacf8934b9e3dc78cdb49cd811ec9 corporate/4.0/i586/dhcp-server-4.1.2-0.4.20060mlcs4.i586.rpm ac3031a0c5dfeb6274aa28d669e66cba corporate/4.0/SRPMS/dhcp-4.1.2-0.4.20060mlcs4.src.rpm Corporate 4.0/X86_64: 2747bf835e111141b9a91dc320eeab43 corporate/4.0/x86_64/dhcp-client-4.1.2-0.4.20060mlcs4.x86_64.rpm 0c998112346a5da94e09d55c996d6dff corporate/4.0/x86_64/dhcp-common-4.1.2-0.4.20060mlcs4.x86_64.rpm fd38ef505da0c593ef900895abeb1ddc corporate/4.0/x86_64/dhcp-devel-4.1.2-0.4.20060mlcs4.x86_64.rpm 69b3d6cbf21c46828de40a322fd1310d corporate/4.0/x86_64/dhcp-doc-4.1.2-0.4.20060mlcs4.x86_64.rpm c5acb788ae76e674952d656fa9b0d1a5 corporate/4.0/x86_64/dhcp-relay-4.1.2-0.4.20060mlcs4.x86_64.rpm e19db50139a291a7acd23491af5f8d54 corporate/4.0/x86_64/dhcp-server-4.1.2-0.4.20060mlcs4.x86_64.rpm ac3031a0c5dfeb6274aa28d669e66cba corporate/4.0/SRPMS/dhcp-4.1.2-0.4.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 7cbe686b047a6fd6f95cda44669e5862 mes5/i586/dhcp-client-4.1.2-0.4mdvmes5.2.i586.rpm af8b9fe15591b76c11f2257e0cb43a37 mes5/i586/dhcp-common-4.1.2-0.4mdvmes5.2.i586.rpm 2a22a53e6de1a9333c36c5cc250c5ac4 mes5/i586/dhcp-devel-4.1.2-0.4mdvmes5.2.i586.rpm 9ca551145fc79919000a61419e72de37 mes5/i586/dhcp-doc-4.1.2-0.4mdvmes5.2.i586.rpm e9faa5fae712882720b107eb02e51f1f mes5/i586/dhcp-relay-4.1.2-0.4mdvmes5.2.i586.rpm 8568f3bac9dd6654b63ebee94c33275e mes5/i586/dhcp-server-4.1.2-0.4mdvmes5.2.i586.rpm 0e5415cf40dde2931cd1b81aada5e7f7 mes5/SRPMS/dhcp-4.1.2-0.4mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 87ae497e9b94fb842718b4fbefb55474 mes5/x86_64/dhcp-client-4.1.2-0.4mdvmes5.2.x86_64.rpm 71d70558972e1f0729513fce69183de2 mes5/x86_64/dhcp-common-4.1.2-0.4mdvmes5.2.x86_64.rpm 0f12150d87816bd1770388d8dc309d21 mes5/x86_64/dhcp-devel-4.1.2-0.4mdvmes5.2.x86_64.rpm 0450f2a86dab4988d1c96a8e9747104f mes5/x86_64/dhcp-doc-4.1.2-0.4mdvmes5.2.x86_64.rpm 6a043f417310b6229e8fb8d967c12a8d mes5/x86_64/dhcp-relay-4.1.2-0.4mdvmes5.2.x86_64.rpm e4281f48c410412f60fd33f095b9199c mes5/x86_64/dhcp-server-4.1.2-0.4mdvmes5.2.x86_64.rpm 0e5415cf40dde2931cd1b81aada5e7f7 mes5/SRPMS/dhcp-4.1.2-0.4mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 (AV:A/AC:L/Au:N/C:P/I:N/A:C) For more information on CVSS scores, visit http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2 Workarounds: On SUSE systems, it is possible to disable hostname update by setting DHCLIENT_SET_HOSTNAME="no" in /etc/sysconfig/network/dhcp. Other systems may add following line to dhclient-script at the beginning of the set_hostname() function: new_host_name=${new_host_name//[^-.a-zA-Z0-9]/} In environments where filters/acls can be put into place to limit clients to accessing only legitimate dhcp servers, this will protect clients from rogue dhcp servers deliberately trying to exploit this bug. However, this will not protect from compromised servers. Active exploits: None known at this time. https://www.isc.org/downloads/all No patch is available for 4.0.x as it is EOL. Anyone running 4.1.x should upgrade to 4.1-ESV-R2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2216-1 security@debian.org http://www.debian.org/security/ Nico Golde April 10, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : isc-dhcp Vulnerability : missing input sanitization Problem type : remote Debian-specific: no CVE ID : CVE-2011-0997 Debian bug : 621099 Sebastian Krahmer and Marius Tomaschewski discovered that dhclient of isc-dhcp, a DHCP client, is not properly filtering shell meta-characters in certain options in DHCP server responses. These options are reused in an insecure fashion by dhclient scripts. For the oldstable distribution (lenny), this problem has been fixed in additional update for dhcp3. For the stable distribution (squeeze), this problem has been fixed in version 4.1.1-P1-15+squeeze2. For the testing distribution (wheezy), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 4.1.1-P1-16.1. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2iJ1AACgkQHYflSXNkfP8fEwCglH3YEMa8hlo7ChGFlvT7K9v5 BMcAoIuGqJofENG1o5SiXU1/E9qEF/Am =5Q/C -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: ISC DHCP: Denial of Service Date: January 09, 2013 Bugs: #362453, #378799, #393617, #398763, #428120, #434880 ID: 201301-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service. Background ========== ISC DHCP is a Dynamic Host Configuration Protocol (DHCP) client/server. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/dhcp < 4.2.4_p2 >= 4.2.4_p2 Description =========== Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details. Resolution ========== All ISC DHCP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.2.4_p2" References ========== [ 1 ] CVE-2011-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0997 [ 2 ] CVE-2011-2748 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2748 [ 3 ] CVE-2011-2749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2749 [ 4 ] CVE-2011-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4539 [ 5 ] CVE-2011-4868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4868 [ 6 ] CVE-2012-3570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3570 [ 7 ] CVE-2012-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3571 [ 8 ] CVE-2012-3954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3954 [ 9 ] CVE-2012-3955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3955 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-1108-2 April 19, 2011 dhcp3 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 9.10 Summary: An attacker's DHCP server could send crafted responses to your computer and cause it to run programs as root. Software Description: - dhcp3: DHCP Client Details: USN-1108-1 fixed vulnerabilities in DHCP. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 9.10 and higher. Original advisory details: Sebastian Krahmer discovered that the dhclient utility incorrectly filtered crafted responses. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: dhcp3-client 3.1.3-2ubuntu6.2 Ubuntu 10.04 LTS: dhcp3-client 3.1.3-2ubuntu3.2 Ubuntu 9.10: dhcp3-client 3.1.2-1ubuntu7.3 In general, a standard system update will make all the necessary changes. References: CVE-2011-0997 Package Information: https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu6.2 https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu3.2 https://launchpad.net/ubuntu/+source/dhcp3/3.1.2-1ubuntu7.3 . ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: ISC DHCP "dhclient" Response Processing Input Sanitation Vulnerability SECUNIA ADVISORY ID: SA44037 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44037/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44037 RELEASE DATE: 2011-04-07 DISCUSS ADVISORY: http://secunia.com/advisories/44037/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44037/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44037 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to submit shell commands to the "dhclient-script" script via e.g. a specially crafted "hostname" response. The vulnerability is reported in versions 3.0.x through 4.2.x. SOLUTION: Update to version 3.1-ESV-R1 and 4.1-ESV-R2 or 4.2.1-P1. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Sebastian Krahmer and Marius Tomaschewski, SUSE Security Team. ORIGINAL ADVISORY: https://www.isc.org/software/dhcp/advisories/cve-2011-0997 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.78

sources: NVD: CVE-2011-0997 // CERT/CC: VU#107886 // JVNDB: JVNDB-2011-001456 // JVNDB: JVNDB-2011-003066 // VULMON: CVE-2011-0997 // PACKETSTORM: 100277 // PACKETSTORM: 100160 // PACKETSTORM: 100273 // PACKETSTORM: 119354 // PACKETSTORM: 100274 // PACKETSTORM: 100583 // PACKETSTORM: 100149

AFFECTED PRODUCTS

vendor:	isc	model:	dhcp	scope:	eq	version:	4.2.0	Trust: 1.6
vendor:	isc	model:	dhcp	scope:	eq	version:	4.1-esv	Trust: 1.6
vendor:	isc	model:	dhcp	scope:	eq	version:	4.2.1	Trust: 1.6
vendor:	debian	model:	linux	scope:	eq	version:	6.0	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	10.04	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0.2	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0.6	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	6.06	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0.3	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.1.3	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	9.10	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.1.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	10.10	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0.5	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	8.04	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	5.0	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.1-esv	Trust: 1.0
vendor:	isc	model:	dhcp	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	internet consortium	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mandriva s a	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	slackware linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	isc	model:	dhcp	scope:	lt	version:	3.1-esv-r1 earlier	Trust: 0.8
vendor:	isc	model:	dhcp	scope:	lt	version:	4.1-esv-r2 earlier	Trust: 0.8
vendor:	isc	model:	dhcp	scope:	lt	version:	4.2.1-p1 earlier	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	3.0.3	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	3.5	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	4.0	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	4.1	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	2.0 ( extended maintenance )	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0 (x64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	10 ( extended maintenance )	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	10 (x64) ( extended maintenance )	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11 (x64)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	4.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	enterprise linux els	scope:	eq	version:	3	Trust: 0.8
vendor:	red hat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	enterprise linux long life	scope:	eq	version:	(v. 5.6 server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	rhel desktop workstation	scope:	eq	version:	5 (client)	Trust: 0.8
vendor:	apple	model:	airmac base station	scope:	lt	version:	7.6	Trust: 0.8
vendor:	apple	model:	time capsule	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#107886 // JVNDB: JVNDB-2011-001456 // JVNDB: JVNDB-2011-003066 // CNNVD: CNNVD-201104-043 // NVD: CVE-2011-0997

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2011-0997
value:	HIGH
Trust: 1.6
nvd@nist.gov:	CVE-2011-0997
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#107886
value:	11.34
Trust: 0.8
CNNVD:	CNNVD-201104-043
value:	HIGH
Trust: 0.6
VULMON:	CVE-2011-0997
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-0997
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.7

sources: CERT/CC: VU#107886 // VULMON: CVE-2011-0997 // JVNDB: JVNDB-2011-001456 // JVNDB: JVNDB-2011-003066 // CNNVD: CNNVD-201104-043 // NVD: CVE-2011-0997

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 2.6

sources: JVNDB: JVNDB-2011-001456 // JVNDB: JVNDB-2011-003066 // NVD: CVE-2011-0997

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 100277 // PACKETSTORM: 100160 // PACKETSTORM: 119354 // CNNVD: CNNVD-201104-043

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201104-043

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-001456

PATCH

title:	Internet Systems Consortium	url:	https://www.isc.org	Trust: 0.8
title:	dhcp-3.1-ESV-R1-RELNOTES	url:	http://ftp.isc.org/isc/dhcp/dhcp-3.1-ESV-R1-RELNOTES	Trust: 0.8
title:	dhcp-4.1-ESV-R2-RELNOTES	url:	http://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R2-RELNOTES	Trust: 0.8
title:	dhcp-4.2.1-P1-RELNOTES	url:	http://ftp.isc.org/isc/dhcp/dhcp-4.2.1-P1-RELNOTES	Trust: 0.8
title:	CVE-2011-0997: dhclient Does Not Strip or Escape Shell Meta-characters	url:	https://www.isc.org/software/dhcp/advisories/cve-2011-0997	Trust: 0.8
title:	RHSA-2011:0428	url:	https://rhn.redhat.com/errata/RHSA-2011-0428.html	Trust: 0.8
title:	RHSA-2011:0840	url:	https://rhn.redhat.com/errata/RHSA-2011-0840.html	Trust: 0.8
title:	TLSA-2011-16	url:	http://www.turbolinux.co.jp/security/2011/TLSA-2011-16j.txt	Trust: 0.8
title:	VMSA-2011-0010	url:	http://www.vmware.com/security/advisories/VMSA-2011-0010.html	Trust: 0.8
title:	HT5005	url:	http://support.apple.com/kb/HT5005	Trust: 0.8
title:	ISC DHCP dhclient Response processing shell Measures to fix meta-character code execution vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113225	Trust: 0.6
title:	Debian CVElist Bug Report Logs: isc-dhcp-client: CVE-2011-0997	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=a3bf1099a3f6410da5cb17491cb28710	Trust: 0.1
title:	Ubuntu Security Notice: dhcp3 vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1108-2	Trust: 0.1
title:	Ubuntu Security Notice: dhcp3 vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1108-1	Trust: 0.1
title:	Debian Security Advisories: DSA-2216-1 isc-dhcp -- missing input sanitization	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=9079594e67dfba2ce5fd90c652ce64af	Trust: 0.1
title:	Debian CVElist Bug Report Logs: CVE-2011-2716 udhcpc insufficient checking of DHCP options	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=d937c5addcd54815f7f0480b4b3a55e2	Trust: 0.1
title:	VMware Security Advisories: VMware ESX third party updates for Service Console packages glibc and dhcp	url:	https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=386db0c9014e75eeed9029418ea6714f	Trust: 0.1
title:	Citrix Security Bulletins: Archive: Citrix XenServer Multiple Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=30a988053a9b9c888e66371d7b3040f2	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/critical-rce-bug-avaya-voip-phones/147122/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/avaya-voip-phones-harbored-10-year-old-vulnerability/	Trust: 0.1

sources: VULMON: CVE-2011-0997 // JVNDB: JVNDB-2011-001456 // JVNDB: JVNDB-2011-003066 // CNNVD: CNNVD-201104-043

EXTERNAL IDS

db:	CERT/CC	id:	VU#107886	Trust: 4.1
db:	NVD	id:	CVE-2011-0997	Trust: 4.0
db:	SECUNIA	id:	44037	Trust: 2.7
db:	VUPEN	id:	ADV-2011-0879	Trust: 2.5
db:	SECUNIA	id:	44127	Trust: 2.5
db:	SECTRACK	id:	1025300	Trust: 2.5
db:	BID	id:	47176	Trust: 2.5
db:	OSVDB	id:	71493	Trust: 2.5
db:	VUPEN	id:	ADV-2011-1000	Trust: 1.7
db:	VUPEN	id:	ADV-2011-0909	Trust: 1.7
db:	VUPEN	id:	ADV-2011-0915	Trust: 1.7
db:	VUPEN	id:	ADV-2011-0926	Trust: 1.7
db:	VUPEN	id:	ADV-2011-0965	Trust: 1.7
db:	VUPEN	id:	ADV-2011-0886	Trust: 1.7
db:	SECUNIA	id:	44103	Trust: 1.7
db:	SECUNIA	id:	44048	Trust: 1.7
db:	SECUNIA	id:	44180	Trust: 1.7
db:	SECUNIA	id:	44089	Trust: 1.7
db:	SECUNIA	id:	44090	Trust: 1.7
db:	JUNIPER	id:	JSA10761	Trust: 1.7
db:	EXPLOIT-DB	id:	37623	Trust: 1.7
db:	XF	id:	66580	Trust: 0.8
db:	JVNDB	id:	JVNDB-2011-001456	Trust: 0.8
db:	JVNDB	id:	JVNDB-2011-003066	Trust: 0.8
db:	CNNVD	id:	CNNVD-201104-043	Trust: 0.6
db:	VULMON	id:	CVE-2011-0997	Trust: 0.1
db:	PACKETSTORM	id:	100277	Trust: 0.1
db:	PACKETSTORM	id:	100160	Trust: 0.1
db:	PACKETSTORM	id:	100273	Trust: 0.1
db:	PACKETSTORM	id:	119354	Trust: 0.1
db:	PACKETSTORM	id:	100274	Trust: 0.1
db:	PACKETSTORM	id:	100583	Trust: 0.1
db:	PACKETSTORM	id:	100149	Trust: 0.1

sources: CERT/CC: VU#107886 // VULMON: CVE-2011-0997 // JVNDB: JVNDB-2011-001456 // JVNDB: JVNDB-2011-003066 // PACKETSTORM: 100277 // PACKETSTORM: 100160 // PACKETSTORM: 100273 // PACKETSTORM: 119354 // PACKETSTORM: 100274 // PACKETSTORM: 100583 // PACKETSTORM: 100149 // CNNVD: CNNVD-201104-043 // NVD: CVE-2011-0997

REFERENCES

url:	http://www.kb.cert.org/vuls/id/107886	Trust: 3.4
url:	http://secunia.com/advisories/44037	Trust: 2.5
url:	http://secunia.com/advisories/44127	Trust: 2.5
url:	http://securitytracker.com/id?1025300	Trust: 2.5
url:	http://www.securityfocus.com/bid/47176	Trust: 2.5
url:	http://www.vupen.com/english/advisories/2011/0879	Trust: 2.5
url:	https://www.isc.org/software/dhcp/advisories/cve-2011-0997	Trust: 1.9
url:	http://security.gentoo.org/glsa/glsa-201301-06.xml	Trust: 1.8
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10761	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2011-april/057888.html	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2011-april/058279.html	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=133226187115472&w=2	Trust: 1.7
url:	http://secunia.com/advisories/44048	Trust: 1.7
url:	http://secunia.com/advisories/44089	Trust: 1.7
url:	http://secunia.com/advisories/44090	Trust: 1.7
url:	http://secunia.com/advisories/44103	Trust: 1.7
url:	http://secunia.com/advisories/44180	Trust: 1.7
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345	Trust: 1.7
url:	http://www.debian.org/security/2011/dsa-2216	Trust: 1.7
url:	http://www.debian.org/security/2011/dsa-2217	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2011:073	Trust: 1.7
url:	http://www.osvdb.org/71493	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2011-0428.html	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2011-0840.html	Trust: 1.7
url:	http://www.ubuntu.com/usn/usn-1108-1	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/0886	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/0909	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/0915	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/0926	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/0965	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/1000	Trust: 1.7
url:	https://bugzilla.redhat.com/show_bug.cgi?id=689832	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/66580	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12812	Trust: 1.7
url:	https://www.exploit-db.com/exploits/37623/	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0997	Trust: 1.7
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0997	Trust: 1.6
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/66580	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu107886	Trust: 0.8
url:	http://osvdb.org/71493	Trust: 0.8
url:	https://jvn.jp/cert/jvnvu107886/	Trust: 0.8
url:	https://jvn.jp/cert/jvnvu309451/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0997	Trust: 0.6
url:	http://secunia.com/	Trust: 0.3
url:	http://lists.grok.org.uk/full-disclosure-charter.html	Trust: 0.3
url:	http://www.debian.org/security/faq	Trust: 0.2
url:	http://www.debian.org/security/	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621099	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/linuxrpm-rhsa-2011-0428	Trust: 0.1
url:	https://usn.ubuntu.com/1108-2/	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://www.mandriva.com/security/	Trust: 0.1
url:	http://store.mandriva.com/product_info.php?cpath=149&products_id=490	Trust: 0.1
url:	http://ftp.isc.org/isc/dhcp/dhcp-4.1.2-p1-relnotes	Trust: 0.1
url:	http://www.mandriva.com/security/advisories	Trust: 0.1
url:	https://www.isc.org/downloads/all	Trust: 0.1
url:	http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2748	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0997	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3955	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3571	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3954	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4539	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3570	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4868	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3954	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4539	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2749	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2749	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3570	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3955	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3571	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2748	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4868	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu6.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu3.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/dhcp3/3.1.2-1ubuntu7.3	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=44037	Trust: 0.1
url:	http://secunia.com/products/corporate/evm/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/44037/#comments	Trust: 0.1
url:	http://secunia.com/advisories/44037/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/resources/factsheets/2011_vendor/	Trust: 0.1

CREDITS

Debian

Trust: 0.2

sources: PACKETSTORM: 100273 // PACKETSTORM: 100274

SOURCES

db:	CERT/CC	id:	VU#107886
db:	VULMON	id:	CVE-2011-0997
db:	JVNDB	id:	JVNDB-2011-001456
db:	JVNDB	id:	JVNDB-2011-003066
db:	PACKETSTORM	id:	100277
db:	PACKETSTORM	id:	100160
db:	PACKETSTORM	id:	100273
db:	PACKETSTORM	id:	119354
db:	PACKETSTORM	id:	100274
db:	PACKETSTORM	id:	100583
db:	PACKETSTORM	id:	100149
db:	CNNVD	id:	CNNVD-201104-043
db:	NVD	id:	CVE-2011-0997

LAST UPDATE DATE

2025-04-18T22:39:42.912000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#107886	date:	2011-05-06T00:00:00
db:	VULMON	id:	CVE-2011-0997	date:	2020-04-01T00:00:00
db:	JVNDB	id:	JVNDB-2011-001456	date:	2011-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2011-003066	date:	2011-11-28T00:00:00
db:	CNNVD	id:	CNNVD-201104-043	date:	2020-04-03T00:00:00
db:	NVD	id:	CVE-2011-0997	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#107886	date:	2011-04-05T00:00:00
db:	VULMON	id:	CVE-2011-0997	date:	2011-04-08T00:00:00
db:	JVNDB	id:	JVNDB-2011-001456	date:	2011-04-28T00:00:00
db:	JVNDB	id:	JVNDB-2011-003066	date:	2011-11-28T00:00:00
db:	PACKETSTORM	id:	100277	date:	2011-04-11T15:09:06
db:	PACKETSTORM	id:	100160	date:	2011-04-07T15:19:36
db:	PACKETSTORM	id:	100273	date:	2011-04-11T14:45:39
db:	PACKETSTORM	id:	119354	date:	2013-01-09T02:26:37
db:	PACKETSTORM	id:	100274	date:	2011-04-11T14:46:07
db:	PACKETSTORM	id:	100583	date:	2011-04-19T19:28:20
db:	PACKETSTORM	id:	100149	date:	2011-04-06T08:45:32
db:	CNNVD	id:	CNNVD-201104-043	date:	2011-04-11T00:00:00
db:	NVD	id:	CVE-2011-0997	date:	2011-04-08T15:17:27.387