7.5

CVE-2003-0026

EPSS 12.42%
Veröffentlicht 17.01.2003 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 16

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Isc ≫ Dhcpd Version3.0

Isc ≫ Dhcpd Version3.0.1 Updaterc1

Isc ≫ Dhcpd Version3.0.1 Updaterc2

Isc ≫ Dhcpd Version3.0.1 Updaterc3

Isc ≫ Dhcpd Version3.0.1 Updaterc4

Isc ≫ Dhcpd Version3.0.1 Updaterc5

Isc ≫ Dhcpd Version3.0.1 Updaterc6

Isc ≫ Dhcpd Version3.0.1 Updaterc7

Isc ≫ Dhcpd Version3.0.1 Updaterc8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	12.42%	0.932

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562

http://www.cert.org/advisories/CA-2003-01.html

Patch

Third Party Advisory

US Government Resource

http://www.ciac.org/ciac/bulletins/n-031.shtml

http://www.debian.org/security/2003/dsa-231

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/284857

Patch

Third Party Advisory

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2003:007

http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html

http://www.redhat.com/support/errata/RHSA-2003-011.html

Patch

Vendor Advisory

http://www.securityfocus.com/bid/6627

http://www.securitytracker.com/id?1005924

http://www.suse.com/de/security/2003_006_dhcp.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/11073

https://nvd.nist.gov/vuln/detail/CVE-2003-0026

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0026

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0026

EUVD