Stack-Based Buffer Overflow in ISC DHCPD Affecting Multiple Versions
CVE-2003-0026

Currently unrated

Key Information:

Vendor

Isc
Status
Dhcpd
Vendor
CVE Published:
17 January 2003

What is CVE-2003-0026?

The vulnerability arises from multiple stack-based buffer overflows in the error handling routines of the minires library, utilized by the NSUPDATE functionality in ISC DHCPD. An attacker could send a malicious DHCP message containing an excessively long hostname, which could lead to arbitrary code execution on the targeted system. This issue affects several versions of ISC DHCPD, making it crucial for users and administrators to apply the appropriate patches and take preventive measures.

References

http://www.redhat.com/support/errata/RHSA-2003-011.html
vendor-advisoryx_refsource_REDHAT
http://www.openpkg.com/security/advisories/OpenPKG-SA-200...
vendor-advisoryx_refsource_OPENPKG
http://www.securitytracker.com/id?1005924
vdb-entryx_refsource_SECTRACK

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.