CVE-2011-1930

CRITICAL

klibc 1.5.20-1.5.21 - Remote Code Execution via DHCP Reply Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-1930. PoCs published by maximilian attems.

AI-analyzed exploit summary: This exploit leverages a shell command injection vulnerability in klibc versions prior to 1.5.22. The DNSDOMAIN environment variable is manipulated to execute arbitrary shell commands due to improper input sanitization.

Description

In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.

Exploits (1)

exploitdb WORKING POC VERIFIED
by maximilian attems · text · remote · linux
https://www.exploit-db.com/exploits/35785

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: klibc < 1.5.22
No auth needed
Prerequisites: Access to an environment where the DNSDOMAIN variable is processed by a vulnerable version of klibc
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2011-1930
Not Applicable, Third Party Advisory x_refsource_misc
https://access.redhat.com/security/cve/cve-2011-1930
Third Party Advisory x_refsource_misc
http://security.gentoo.org/glsa/glsa-201309-21.xml
Mailing List, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2012/05/22/12
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/47924

Scores

CVSS v3 9.8
EPSS 0.2899
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (4)
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
klibc_project/klibc < 1.5.25
Published Nov 14, 2019
Tracked Since Feb 18, 2026