The modify_resolvconf_suse script in the vpnc package...
High severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Sep 6, 2011
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Feb 3, 2023
The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name.
References