CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.0%
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
Vendor | Product | Version | CPE |
---|---|---|---|
isc | dhcpd | 2.0.pl5 | cpe:2.3:a:isc:dhcpd:2.0.pl5:*:*:*:*:*:*:* |
isc | dhcpd | 3.0 | cpe:2.3:a:isc:dhcpd:3.0:*:*:*:*:*:*:* |
isc | dhcpd | 3.0 | cpe:2.3:a:isc:dhcpd:3.0:rc12:*:*:*:*:*:* |
isc | dhcpd | 3.0 | cpe:2.3:a:isc:dhcpd:3.0:rc4:*:*:*:*:*:* |
isc | dhcpd | 3.0.1 | cpe:2.3:a:isc:dhcpd:3.0.1:rc1:*:*:*:*:*:* |
isc | dhcpd | 3.0.1 | cpe:2.3:a:isc:dhcpd:3.0.1:rc10:*:*:*:*:*:* |
isc | dhcpd | 3.0.1 | cpe:2.3:a:isc:dhcpd:3.0.1:rc11:*:*:*:*:*:* |
isc | dhcpd | 3.0.1 | cpe:2.3:a:isc:dhcpd:3.0.1:rc12:*:*:*:*:*:* |
isc | dhcpd | 3.0.1 | cpe:2.3:a:isc:dhcpd:3.0.1:rc13:*:*:*:*:*:* |
isc | dhcpd | 3.0.1 | cpe:2.3:a:isc:dhcpd:3.0.1:rc14:*:*:*:*:*:* |
archives.neohapsis.com/archives/bugtraq/2004-10/0287.html
archives.neohapsis.com/archives/bugtraq/2004-11/0037.html
marc.info/?l=bugtraq&m=109968710822449&w=2
www.debian.org/security/2004/dsa-584
www.kb.cert.org/vuls/id/448384
www.redhat.com/support/errata/RHSA-2005-212.html
www.securityfocus.com/bid/11591
exchange.xforce.ibmcloud.com/vulnerabilities/17963