Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0026

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0026
Last Modified 07 Mar 2011 09:11:57
Published 17 Jan 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0026

Summary

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

Vulnerable Systems

Application

  • Isc Dhcpd 3.0

  • Isc Dhcpd 3.0.1


References

CERT-VN - VU#284857

CERT - CA-2003-01

REDHAT - RHSA-2003:011

DEBIAN - DSA-231

SUSE - SuSE-SA:2003:0006

XF - dhcpd-minires-multiple-bo(11073)

SECTRACK - 1005924

BID - 6627

OPENPKG - OpenPKG-SA-2003.002

MANDRAKE - MDKSA-2003:007

CIAC - N-031

CONECTIVA - CLA-2003:562

BUGTRAQ - 20030122 [securityslackware.com: [slackware-security] New DHCP packages available]

SUSE - SuSE-SA:2003:006


Last Updated: 27 May 2016 11:02:28