CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-6470 – dhcpd: use-after-free error leads crash in IPv6 mode when using mismatched BIND libraries
https://notcve.org/view.php?id=CVE-2019-6470
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. • https://access.redhat.com/errata/RHSA-2019:2060 https://access.redhat.com/errata/RHSA-2019:3525 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122 https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.html https://access.redhat.com/security/cve/CVE-2019-6470 https://bugzilla.redhat.com/show_bug.cgi?id=1708641 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 1%CPEs: 22EXPL: 0CVE-2004-1006
https://notcve.org/view.php?id=CVE-2004-1006
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702. • http://archives.neohapsis.com/archives/bugtraq/2004-10/0287.html http://archives.neohapsis.com/archives/bugtraq/2004-11/0037.html http://marc.info/?l=bugtraq&m=109968710822449&w=2 http://www.debian.org/security/2004/dsa-584 http://www.kb.cert.org/vuls/id/448384 http://www.redhat.com/support/errata/RHSA-2005-212.html http://www.securityfocus.com/bid/11591 https://exchange.xforce.ibmcloud.com/vulnerabilities/17963 https://access.redhat.com/security/cve/CVE-2004-1006 http •
CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0CVE-2003-0026
https://notcve.org/view.php?id=CVE-2003-0026
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. Múltiples desbordamientos de búfer en la pila en las rutinas de manejo de errores de la libreria minires, como es usada en la capacidad NSUPDATE de ISC DHCPD 3.0 A 3.0.1RC10, permite a atacantes remotos ejecutar código arbitrario mediante un mensaje DHCP conteniendo un nombre de host largo. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562 http://www.cert.org/advisories/CA-2003-01.html http://www.ciac.org/ciac/bulletins/n-031.shtml http://www.debian.org/security/2003/dsa-231 http://www.kb.cert.org/vuls/id/284857 http://www.mandriva.com/security/advisories?name=MDKSA-2003:007 http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html http://www.redhat.com/support •
CVSS: 10.0EPSS: 16%CPEs: 9EXPL: 1CVE-2002-0702 – ISC DHCPD 2.0/3.0.1 - NSUPDATE Remote Format String
https://notcve.org/view.php?id=CVE-2002-0702
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. • https://www.exploit-db.com/exploits/21440 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-028.0.txt http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0063.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000483 http://marc.info/?l=bugtraq&m=102089498828206&w=2 http://www.cert.org/advisories/CA-2002-12.html http://www.iss.net/security_center/static/9039.php http://www.kb.cert.org/vuls/id/854315 http://www.linux-mandrake.com/en/s •