CVE-2004-0460
CVSS 10.0 - HIGH
Description
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
Affected Products
28| Vendor | Product | Version |
|---|---|---|
| infoblox | dns_one_appliance |
2.3.1_r5
|
| infoblox | dns_one_appliance |
2.4.0.8
|
| infoblox | dns_one_appliance |
2.4.0.8a
|
| isc | dhcpd |
3.0.1
|
| isc | dhcpd |
3.0.1
|
| suse | suse_email_server |
iii
|
| suse | suse_linux_admin-cd_for_firewall |
All versions
|
| suse | suse_linux_connectivity_server |
All versions
|
| suse | suse_linux_database_server |
All versions
|
| suse | suse_linux_firewall_cd |
All versions
|
| suse | suse_linux_office_server |
All versions
|
| mandrakesoft | mandrake_linux |
9.0
|
| mandrakesoft | mandrake_linux |
9.1
|
| mandrakesoft | mandrake_linux |
9.1
|
| mandrakesoft | mandrake_linux |
9.2
|
| mandrakesoft | mandrake_linux |
9.2
|
| mandrakesoft | mandrake_linux |
10.0
|
| mandrakesoft | mandrake_linux |
10.0
|
| redhat | fedora_core |
core_2.0
|
| suse | suse_linux |
7
|
| suse | suse_linux |
8
|
| suse | suse_linux |
8.0
|
| suse | suse_linux |
8.0
|
| suse | suse_linux |
8.1
|
| suse | suse_linux |
8.2
|
| suse | suse_linux |
9.0
|
| suse | suse_linux |
9.0
|
| suse | suse_linux |
9.1
|
References
Weakness Types
NVD-CWE-Other
CVE Information
- CVE ID:
CVE-2004-0460- Published:
- 2004-08-06
- Modified:
- 2025-04-03
- CVSS Score:
- 10.0
- Severity:
- HIGH
- Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Vendors
isc
redhat
mandrakesoft
infoblox
suse
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL