CVE-2003-0026

Description

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/11073

http://www.suse.com/de/security/2003_006_dhcp.html

http://www.securitytracker.com/id?1005924

http://www.securityfocus.com/bid/6627

http://www.redhat.com/support/errata/RHSA-2003-011.html

http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html

http://www.mandriva.com/security/advisories?name=MDKSA-2003:007

http://www.kb.cert.org/vuls/id/284857

http://www.debian.org/security/2003/dsa-231

http://www.ciac.org/ciac/bulletins/n-031.shtml

http://www.cert.org/advisories/CA-2003-01.html

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562

http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3