Actions
Bug #3462
closed
RCE - ARPING
Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
-
Start date:
02/17/2014
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
Description
Reviewing http://seclists.org/fulldisclosure/2014/Jan/187 I can see that it's still possible to execute remote commands using the flaw in the arping package.
The changelog doesn't show a fix for the flaw https://github.com/pfsense/pfsense-packages/commits/master/config/arping
Updated by 
Updated by
Actions