customer center

DHCP Client Script Code Execution Vulnerability - CVE-2018-1111
21.05.2018

Red Hat has been made aware of a command injection flaw found in a script included in the DHCP client (dhclient) packages in Red Hat Enterprise Linux 6 and 7.

A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager which is configured to obtain network configuration using the DHCP protocol.

Background Information
The DHCP protocol is used to configure network related information in hosts from a central server. When a host is connected to a network, it can issue DHCP requests to fetch network configuration parameter such as IP address, default router IP, DNS servers, and more.

The DHCP client package dhclient provided by Red Hat has a script /etc/NetworkManager/dispatcher.d/11-dhclient (in Red Hat Enterprise Linux 7) or /etc/NetworkManager/dispatcher.d/10-dhclient (in Red Hat Enterprise Linux 6) for the NetworkManager component, which is executed each time NetworkManager receives a DHCP response from a DHCP server. A malicious DHCP response could cause the script to execute arbitrary shell commands with root privileges.

Acknowledgments
Red Hat would like to thank Felix Wilhelm from the Google Security Team for reporting this flaw. 

VPN service
12.03.2018
VPN service

Presenting new service from Nsomnia Networks - VPNSHELL.CC

Client-server on OpenVPN technology is a popular technology with the support of the absolute majority of modern platforms. Forget about hacking and mumbo jumbo!

Private Racks of Coretek.hosting
23.10.2017

We offer you the opportunity to order a server in our rack.

Benefits:

  • Port speed upgrade without changind server allocation and IPs
  • Flexible traffic plans
  • Possibility of multiple servers integration to a local network
  • Possibility of ip-KVM (DRAC/iLO) activation.

You may also order an additional hardware:

  • Manged switch Juniper EX2200 - $89/month;
  • Managed switch Juniper EX3300 - $159/month;
  • Firewall Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550;
  • Load balancers A10 AX series 1030, Kemp LM-2200.
New VPS configs and pricing
31.08.2017

New configurations and pricings are now available. 

SOLIDLITE 1 core Xeon E5-2420, 32GB SSD RAID, 768MB RAM, Linux, FreeBSD, Windows - $12

SSDRIVE 2 core Xeon E5-2420, 100GB SSD RAID, 3GB RAM, Linux, FreeBSD, Windows - $23.9

20% OFF at 12 months contract

VPS presentation

HP ILO4 Security issue
30.08.2017

We are writing to inform you about a potential security vulnerability that has been identified in HPE Integrated Lights-out (iLO 4). This vulnerability could be exploited remotely to allow authentication bypass and execution of code.

We kindly advise you to perform an upgrade to the latest available firmware version. The firmware .bin file is here.

 

ilo4 security update

1 2 3
  • RIPE NCC
  • ALCUBIERRE ENGINEERING LLP
  • TradeMark 'Coretek.host'
  • Tel. +44 7743126250
  • Email: info@coretek.host
  • © 2007-2025 Coretek.host