Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2003-0026

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

  • Published: Jan 17, 2003
  • Updated: Apr 13, 2023
  • CVE: CVE-2003-0026
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
isc / dhcpd 3.0.1-rc4 3.0.1-rc4.x
isc / dhcpd 3.0.1-rc5 3.0.1-rc5.x
isc / dhcpd 3.0.1-rc1 3.0.1-rc1.x
isc / dhcpd 3.0 3.0.x
isc / dhcpd 3.0.1-rc8 3.0.1-rc8.x
isc / dhcpd 3.0.1-rc3 3.0.1-rc3.x
isc / dhcpd 3.0.1-rc6 3.0.1-rc6.x
isc / dhcpd 3.0.1-rc2 3.0.1-rc2.x
isc / dhcpd 3.0.1-rc7 3.0.1-rc7.x