Project

General

Profile

Bug #3462

RCE - ARPING

Added by Fernando Munoz over 6 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
-
Start date:
02/17/2014
Due date:
% Done:

100%

Estimated time:
Affected Version:
Affected Architecture:

Description

Reviewing http://seclists.org/fulldisclosure/2014/Jan/187 I can see that it's still possible to execute remote commands using the flaw in the arping package.

The changelog doesn't show a fix for the flaw https://github.com/pfsense/pfsense-packages/commits/master/config/arping

History

#1 Updated by Jim Pingle over 6 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

Applied in changeset pfsense-packages:commit:ad6e7cb89edbb0849eda4516cb0976fb877bc397.

#2 Updated by Chris Buechler over 6 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF