CVE-2003-0026
Published Jan 17, 2003
Last updated 7 years ago
Overview
- Description
- Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "747BD317-A9FF-41CD-95D4-FAEA3BA6DBD9"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0148CB1-A2F1-4B66-9F25-B1F7C54A8EDB"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DE1BF66-E066-4043-AE4F-2558B23FF759"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35D41D26-8318-45D0-AD6F-2043AD74F993"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45242D44-9BDC-4DB1-B24A-4227C76C6F88"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76051D4C-4C8C-4010-AE73-A4AAE7CF823E"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC3987D7-24DD-49A4-84FB-61E9171FFF61"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AF3A0F6-8C85-4288-821E-418DE6A37AE7"
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2D64F9C-6B3A-4E53-A717-4FF7CC56E842"
}
],
"operator": "OR"
}
]
}
]