Vulnerability CVE-2004-0461


Published: 2004-08-06   Modified: 2012-02-12

Description:
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly arbitrary code execution.

Vendor: SUSE
Product: Suse email server
Version: iii
Product: Suse linux
Version: 9.1, 9.0, 8.2, 8.1, 8.0, 7
Product: Suse linux firewall cd
Product: Suse linux admin-cd for firewall
Product: Suse linux database server
Product: Suse linux office server
Product: Suse linux connectivity server

Vendor: Redhat
Product: Fedora core
Version: core_2.0

Vendor: Mandrakesoft
Product: Mandrake linux
Version: 9.2, 9.1, 9.0, 10.0

Vendor: ISC
Product: Dhcpd
Version: 3.0.1

Vendor: Infoblox
Product: Dns one appliance
Version: 2.4.0.8a, 2.4.0.8, 2.3.1_r5

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

References:
http://marc.info/?l=bugtraq&m=108795911203342&w=2
http://marc.info/?l=bugtraq&m=108843959502356&w=2
http://marc.info/?l=bugtraq&m=108938625206063&w=2
http://www.kb.cert.org/vuls/id/654390
http://www.mandriva.com/security/advisories?name=MDKSA-2004:061
http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html
http://www.securityfocus.com/bid/10591
http://www.us-cert.gov/cas/techalerts/TA04-174A.html
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf
http://xforce.iss.net/xforce/xfdb/16476

Related CVE
CVE-2018-10239
A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the s...
CVE-2018-6643
Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.
CVE-2016-6484
CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/l...
CVE-2015-2033
Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
CVE-2014-3419
Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors.
CVE-2014-3418
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
CVE-2011-5178
Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode paramete...
CVE-2004-0606
Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to execute arbitrary scripts as other users via the (1) CLIENTID or (2) HOSTNAME option of a DHCP request.

Copyright 2019, cxsecurity.com

 
