VMSA-2011-0010: Third Party Updates for Service Console packages glibc and dhcp
Submitted by securityadmin on
http://www.vmware.com/security/advisories/VMSA-2011-0010.html
"The DHCP client daemon, dhclient, does not properly sanatize certain
options in DHCP server replies. An attacker could send a specially
crafted DHCP server reply, that is saved on the client system and
evaluated by a process that assumes the option is trusted. This could
lead to arbitrary code execution with the privileges of the evaluating
process."