Project

General

Profile

Actions

Bug #3462

closed

RCE - ARPING

Added by Fernando Munoz about 10 years ago. Updated about 10 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
-
Start date:
02/17/2014
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

Reviewing http://seclists.org/fulldisclosure/2014/Jan/187 I can see that it's still possible to execute remote commands using the flaw in the arping package.

The changelog doesn't show a fix for the flaw https://github.com/pfsense/pfsense-packages/commits/master/config/arping

Actions #1

Updated by Jim Pingle about 10 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

Applied in changeset pfsense-packages:commit:ad6e7cb89edbb0849eda4516cb0976fb877bc397.

Actions #2

Updated by Chris Buechler about 10 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF