Arbitrary Command Execution Vulnerability in vpnc Package

Arbitrary Command Execution Vulnerability in vpnc Package

CVE-2011-2660 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name.

Learn more about our Cis Benchmark Audit For Desktop Software.