Описание
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-0461
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16476
- http://marc.info/?l=bugtraq&m=108795911203342&w=2
- http://marc.info/?l=bugtraq&m=108843959502356&w=2
- http://marc.info/?l=bugtraq&m=108938625206063&w=2
- http://secunia.com/advisories/23265
- http://www.kb.cert.org/vuls/id/654390
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:061
- http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html
- http://www.securityfocus.com/bid/10591
- http://www.us-cert.gov/cas/techalerts/TA04-174A.html
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf
EPSS
CVE ID
Связанные уязвимости
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when com ...
EPSS