CVE-2003-0026

Currently unrated

Key Information:

Vendor: Isc
Status: Dhcpd
Vendor: CVE Published:; 17 January 2003

Summary

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

References

http://www.redhat.com/support/errata/RHSA-2003-011.html

vendor-advisoryx_refsource_REDHAT

http://www.openpkg.com/security/advisories/OpenPKG-SA-200...

vendor-advisoryx_refsource_OPENPKG

http://www.securitytracker.com/id?1005924

vdb-entryx_refsource_SECTRACK

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 17, 2003
Vulnerability Reserved
Jan 10, 2003