7.5

CVE-2003-0026

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscDhcpd Version3.0
IscDhcpd Version3.0.1 Updaterc1
IscDhcpd Version3.0.1 Updaterc2
IscDhcpd Version3.0.1 Updaterc3
IscDhcpd Version3.0.1 Updaterc4
IscDhcpd Version3.0.1 Updaterc5
IscDhcpd Version3.0.1 Updaterc6
IscDhcpd Version3.0.1 Updaterc7
IscDhcpd Version3.0.1 Updaterc8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 18.85% 0.969
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562
http://www.cert.org/advisories/CA-2003-01.html
Patch
Third Party Advisory
US Government Resource
http://www.ciac.org/ciac/bulletins/n-031.shtml
http://www.debian.org/security/2003/dsa-231
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/284857
Patch
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2003:007
http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html
http://www.redhat.com/support/errata/RHSA-2003-011.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6627
http://www.securitytracker.com/id?1005924
http://www.suse.com/de/security/2003_006_dhcp.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/11073