Red Hat has patched a vulnerability affecting the DHCP client packages that shipped with Red Hat Enterprise Linux 6 and 7. A successful exploit could give an attacker root access and full control over enterprise endpoints.
According to an alert issued Wednesday from US-CERT, the critical-rated flaw, first reported by Google researcher Felix Wilhelm, would “allow attackers to use malicious DHCP server responses to execute arbitrary commands on target systems over the local network,” if those systems use NetworkManager and are configured to obtain dynamic IP addresses.
Read more…
Source: ThreatPost