Lucene search
K
IscDhcpd

8 matches found

CVE
CVE
added 2019/11/01 10:15 p.m.1290 views

CVE-2019-6470

CVE-2019-6470 concerns a use-after-free/crash in DHCPv6 when ISC BIND libraries are mismatched with dhcpd. The described root cause is a bug in a BIND library function used by dhcpd, with the library bug preventing normal operation and a crash potential when vendors differ in package versions. Af...

7.5CVSS6.7AI score0.08813EPSS
CVE
CVE
added 2006/08/09 10:0 p.m.103 views

CVE-2006-3122

The CVE-2006-3122 entry concerns ISC DHCP (dhcpd) 2.0pl5. The vulnerability is in the supersede_lease function (memory.c): processing a DHCPDISCOVER with a 32-byte client-identifier causes the packet to be interpreted as a corrupt uid, making the server exit with a denial-of-service condition. Th...

5CVSS6.3AI score0.03942EPSS
CVE
CVE
added 2004/06/24 4:0 a.m.82 views

CVE-2004-0460

ISC DHCP 3.0.1rc12 and 3.0.1rc13 are affected by a buffer overflow in the DHCPD logging path when processing multiple hostname options in DISCOVER/OFFER/REQUEST/ACK/NAK, potentially enabling remote code execution and denial of service. The issue stems from long hostname options being concatenated...

10CVSS7.8AI score0.45333EPSS
CVE
CVE
added 2004/06/24 4:0 a.m.74 views

CVE-2004-0461

ISC DHCPD 3.0.1rc12/rc13 contains two buffer overflow risks: when vsnprintf support is absent, header files map vsnprintf to the unsafe vsprintf, enabling possible DoS (server crash) and potentially arbitrary code execution. The issue affects the DHCP server component in ISC DHCP 3.0.1rc12/rc13 a...

10CVSS7.8AI score0.16773EPSS
CVE
CVE
added 2004/11/19 5:0 a.m.72 views

CVE-2004-1006

CVE-2004-1006 affects ISC DHCP’s dhcpd (dhcp 2.x). A format-string vulnerability in the logging code (errwarn/calls in log paths) could allow a remote DNS server to trigger arbitrary code execution with the dhcpd’s privileges. Public references (RHSA-2005:212, Debian DSA-584-1, CERT/US-CERT entri...

10CVSS7.2AI score0.07968EPSS
CVE
CVE
added 2002/07/23 4:0 a.m.59 views

CVE-2002-0702

ISC DHCPD (dhcpd) versions 3 through 3.0.1rc8, with NSUPDATE enabled, contain a format string vulnerability in the logging code (print.c) that can allow remote DNS servers to execute arbitrary code via crafted DNS responses. The vulnerability is in the dynamic DNS update path and logging of updat...

10CVSS7.5AI score0.31139EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.58 views

CVE-2003-0039

The CVE-2003-0039 entry concerns ISC dhcrelay (dhcp-relay) up to version 3.0rc9 (and potentially other builds). A malicious BOOTP packet forwarded to the broadcast MAC ff:ff:ff:ff:ff:ff can cause an infinite loop in the relay, not bounded by hop count, leading to a denial of service against confi...

5CVSS6.5AI score0.07955EPSS
CVE
CVE
added 2003/01/16 5:0 a.m.54 views

CVE-2003-0026

CVE-2003-0026 affects ISC DHCPD 3.0–3.0.1RC10 via stack-based overflows in the minires error-handling code used by NSUPDATE, enabling remote code execution through a DHCP message with a long hostname (CVSS v2 base 7.5). Public advisories (notably Debian DSA 231-1) report fixes in the dhcp3 packag...

7.5CVSS7.5AI score0.18853EPSS