Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2002-0702

Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.

  • Published: Jul 26, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0702
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
isc / dhcpd 3.0.1-rc4 3.0.1-rc4.x
isc / dhcpd 3.0.1-rc5 3.0.1-rc5.x
isc / dhcpd 3.0.1-rc1 3.0.1-rc1.x
isc / dhcpd 3.0 3.0.x
isc / dhcpd 3.0.1-rc8 3.0.1-rc8.x
isc / dhcpd 3.0.1-rc3 3.0.1-rc3.x
isc / dhcpd 3.0.1-rc6 3.0.1-rc6.x
isc / dhcpd 3.0.1-rc2 3.0.1-rc2.x
isc / dhcpd 3.0.1-rc7 3.0.1-rc7.x