CVE-2003-0026

CVSS 7.5 - HIGH
Description

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

Affected Products
9
Vendor Product Version
isc dhcpd 3.0
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
isc dhcpd 3.0.1
References
http://archives.neohapsis.com/archives/bugtraq/200...
http://distro.conectiva.com.br/atualizacoes/?id=a&...
http://www.cert.org/advisories/CA-2003-01.html
http://www.ciac.org/ciac/bulletins/n-031.shtml
http://www.debian.org/security/2003/dsa-231
http://www.kb.cert.org/vuls/id/284857
http://www.mandriva.com/security/advisories?name=M...
http://www.openpkg.com/security/advisories/OpenPKG...
http://www.redhat.com/support/errata/RHSA-2003-011...
http://www.securityfocus.com/bid/6627
http://www.securitytracker.com/id?1005924
http://www.suse.com/de/security/2003_006_dhcp.html
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://archives.neohapsis.com/archives/bugtraq/200...
http://distro.conectiva.com.br/atualizacoes/?id=a&...
http://www.cert.org/advisories/CA-2003-01.html
http://www.ciac.org/ciac/bulletins/n-031.shtml
http://www.debian.org/security/2003/dsa-231
http://www.kb.cert.org/vuls/id/284857
http://www.mandriva.com/security/advisories?name=M...
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2003-0026
Published:
2003-01-17
Modified:
2026-04-16
CVSS Score:
7.5
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Vendors
isc
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL