CVE-2002-0702

CVSS 10.0 - HIGH
Description

Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.

Affected Products
9
Vendor Product Version
isc dhcpd 3.0
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
References
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-...
http://archives.neohapsis.com/archives/vulnwatch/2...
http://distro.conectiva.com.br/atualizacoes/?id=a&...
http://marc.info/?l=bugtraq&m=102089498828206&w=2
http://www.cert.org/advisories/CA-2002-12.html
http://www.iss.net/security_center/static/9039.php
http://www.kb.cert.org/vuls/id/854315
http://www.linux-mandrake.com/en/security/2002/MDK...
http://www.novell.com/linux/security/advisories/20...
http://www.securityfocus.com/bid/4701
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-...
http://archives.neohapsis.com/archives/vulnwatch/2...
http://distro.conectiva.com.br/atualizacoes/?id=a&...
http://marc.info/?l=bugtraq&m=102089498828206&w=2
http://www.cert.org/advisories/CA-2002-12.html
http://www.iss.net/security_center/static/9039.php
http://www.kb.cert.org/vuls/id/854315
http://www.linux-mandrake.com/en/security/2002/MDK...
http://www.novell.com/linux/security/advisories/20...
http://www.securityfocus.com/bid/4701
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2002-0702
Published:
2002-07-26
Modified:
2026-04-16
CVSS Score:
10.0
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Vendors
isc
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL