CVSS: 5.0EPSS: 4%CPEs: 10EXPL: 0CVE-2003-0039
https://notcve.org/view.php?id=CVE-2003-0039
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. ISC dhcprelay (dhcp-relay) y anteriores, y posiblemente otras versiones, permite a atacantes remotos causar una denegación de servicio (tormenta de paquetes) mediante cierto paquete BOOTP que es enviado a una dirección MAC de difusión (broadcast) • http://cc.turbolinux.com/security/TLSA-2003-26.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000616 http://marc.info/?l=bugtraq&m=104310927813830&w=2 http://www.debian.org/security/2003/dsa-245 http://www.kb.cert.org/vuls/id/149953 http://www.openpkg.org/security/OpenPKG-SA-2003.012-dhcpd.html http://www.redhat.com/support/errata/RHSA-2003-034.html http://www.securityfocus.com/bid/6628 https://exchange.xforce.ibmcloud.com/vulnerabilities/11187 •
CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0CVE-2003-0026
https://notcve.org/view.php?id=CVE-2003-0026
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. Múltiples desbordamientos de búfer en la pila en las rutinas de manejo de errores de la libreria minires, como es usada en la capacidad NSUPDATE de ISC DHCPD 3.0 A 3.0.1RC10, permite a atacantes remotos ejecutar código arbitrario mediante un mensaje DHCP conteniendo un nombre de host largo. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562 http://www.cert.org/advisories/CA-2003-01.html http://www.ciac.org/ciac/bulletins/n-031.shtml http://www.debian.org/security/2003/dsa-231 http://www.kb.cert.org/vuls/id/284857 http://www.mandriva.com/security/advisories?name=MDKSA-2003:007 http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html http://www.redhat.com/support •
CVSS: 10.0EPSS: 16%CPEs: 9EXPL: 1CVE-2002-0702 – ISC DHCPD 2.0/3.0.1 - NSUPDATE Remote Format String
https://notcve.org/view.php?id=CVE-2002-0702
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. • https://www.exploit-db.com/exploits/21440 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-028.0.txt http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0063.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000483 http://marc.info/?l=bugtraq&m=102089498828206&w=2 http://www.cert.org/advisories/CA-2002-12.html http://www.iss.net/security_center/static/9039.php http://www.kb.cert.org/vuls/id/854315 http://www.linux-mandrake.com/en/s •