8 matches found
CVE-2019-6470
CVE-2019-6470 concerns a use-after-free/crash in DHCPv6 when ISC BIND libraries are mismatched with dhcpd. The described root cause is a bug in a BIND library function used by dhcpd, with the library bug preventing normal operation and a crash potential when vendors differ in package versions. Af...
CVE-2006-3122
The CVE-2006-3122 entry concerns ISC DHCP (dhcpd) 2.0pl5. The vulnerability is in the supersede_lease function (memory.c): processing a DHCPDISCOVER with a 32-byte client-identifier causes the packet to be interpreted as a corrupt uid, making the server exit with a denial-of-service condition. Th...
CVE-2004-0460
ISC DHCP 3.0.1rc12 and 3.0.1rc13 are affected by a buffer overflow in the DHCPD logging path when processing multiple hostname options in DISCOVER/OFFER/REQUEST/ACK/NAK, potentially enabling remote code execution and denial of service. The issue stems from long hostname options being concatenated...
CVE-2004-0461
ISC DHCPD 3.0.1rc12/rc13 contains two buffer overflow risks: when vsnprintf support is absent, header files map vsnprintf to the unsafe vsprintf, enabling possible DoS (server crash) and potentially arbitrary code execution. The issue affects the DHCP server component in ISC DHCP 3.0.1rc12/rc13 a...
CVE-2004-1006
CVE-2004-1006 affects ISC DHCP’s dhcpd (dhcp 2.x). A format-string vulnerability in the logging code (errwarn/calls in log paths) could allow a remote DNS server to trigger arbitrary code execution with the dhcpd’s privileges. Public references (RHSA-2005:212, Debian DSA-584-1, CERT/US-CERT entri...
CVE-2002-0702
ISC DHCPD (dhcpd) versions 3 through 3.0.1rc8, with NSUPDATE enabled, contain a format string vulnerability in the logging code (print.c) that can allow remote DNS servers to execute arbitrary code via crafted DNS responses. The vulnerability is in the dynamic DNS update path and logging of updat...
CVE-2003-0039
The CVE-2003-0039 entry concerns ISC dhcrelay (dhcp-relay) up to version 3.0rc9 (and potentially other builds). A malicious BOOTP packet forwarded to the broadcast MAC ff:ff:ff:ff:ff:ff can cause an infinite loop in the relay, not bounded by hop count, leading to a denial of service against confi...
CVE-2003-0026
CVE-2003-0026 affects ISC DHCPD 3.0–3.0.1RC10 via stack-based overflows in the minires error-handling code used by NSUPDATE, enabling remote code execution through a DHCP message with a long hostname (CVSS v2 base 7.5). Public advisories (notably Debian DSA 231-1) report fixes in the dhcp3 packag...