Apple Security Advisory 2011-11-10-2
Apple Security Advisory 2011-11-10-2 – Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 is now available and addresses a security vulnerability. dhclient allowed remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. This issue is addressed by stripping shell meta-characters in dhclient-script.
Tags: commands-via, Security, stripping-shell