CVE-2002-0702

Currently unrated

Key Information:

Vendor: Isc
Status: Dhcpd
Vendor: CVE Published:; 26 July 2002

Summary

Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.

References

http://www.securityfocus.com/bid/4701

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/854315

third-party-advisoryx_refsource_CERT-VN

http://www.novell.com/linux/security/advisories/2002_19_d...

vendor-advisoryx_refsource_SUSE

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 26, 2002
Vulnerability Reserved
Jul 16, 2002