CVE-2003-0026 Information

Feb 14, 2021 cve

Description

Multiple stack-based buffer overflows in the error handling routines of the minires library as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10 allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562 http://www.cert.org/advisories/CA-2003-01.html http://www.ciac.org/ciac/bulletins/n-031.shtml http://www.debian.org/security/2003/dsa-231 http://www.kb.cert.org/vuls/id/284857 http://www.mandriva.com/security/advisories?name=MDKSA-2003:007 http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html http://www.redhat.com/support/errata/RHSA-2003-011.html http://www.securityfocus.com/bid/6627 http://www.securitytracker.com/id?1005924 http://www.suse.com/de/security/2003_006_dhcp.html https://exchange.xforce.ibmcloud.com/vulnerabilities/11073

Share on: