7 matches found
isc-dhcpd -- format string vulnerabilities
The remote host is missing an update to the system as announced in the referenced advisory. VID ccd325d2-fa08-11d9-bc08-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
isc-dhcpd -- format string vulnerabilities
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : isc-dhcpd -- format string vulnerabilities (ccd325d2-fa08-11d9-bc08-0001020eed82)
The ISC DHCP programs are vulnerable to several format string vulnerabilities which may allow a remote attacker to execute arbitrary code with the permissions of the DHCP programs, typically root for the DHCP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
CVE-2004-1006
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702...
CVE-2004-1006
CVE-2004-1006 affects ISC DHCP’s dhcpd (dhcp 2.x). A format-string vulnerability in the logging code (errwarn/calls in log paths) could allow a remote DNS server to trigger arbitrary code execution with the dhcpd’s privileges. Public references (RHSA-2005:212, Debian DSA-584-1, CERT/US-CERT entri...
CVE-2004-1006
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702...
Debian DSA-584-1 : dhcp - format string vulnerability
'infamous41md' noticed that the log functions in dhcp 2.x, which is still distributed in the stable Debian release, contained pass parameters to function that use format strings. One use seems to be exploitable in connection with a malicious DNS server. %NASLMINLEVEL 70300 C Tenable Network...