Actions
Bug #3462
closedRCE - ARPING
Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
-
Start date:
02/17/2014
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
Description
Reviewing http://seclists.org/fulldisclosure/2014/Jan/187 I can see that it's still possible to execute remote commands using the flaw in the arping package.
The changelog doesn't show a fix for the flaw https://github.com/pfsense/pfsense-packages/commits/master/config/arping
Updated by Jim Pingle almost 11 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset pfsense-packages:commit:ad6e7cb89edbb0849eda4516cb0976fb877bc397.
Updated by Chris Buechler almost 11 years ago
- Status changed from Feedback to Resolved
Actions