Total vulnerabilities in the database
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
| Software | From | Fixed in |
|---|---|---|
| infoblox / dns_one_appliance | 2.3.1_r5 | 2.3.1_r5.x |
| infoblox / dns_one_appliance | 2.4.0.8 | 2.4.0.8.x |
| infoblox / dns_one_appliance | 2.4.0.8a | 2.4.0.8a.x |
| isc / dhcpd | 3.0.1-rc13 | 3.0.1-rc13.x |
| isc / dhcpd | 3.0.1-rc12 | 3.0.1-rc12.x |
| suse / suse_email_server | iii | iii.x |
| suse / suse_linux_admin-cd_for_firewall | - | - |
| suse / suse_linux_connectivity_server | - | - |
| suse / suse_linux_database_server | - | - |
| suse / suse_linux_firewall_cd | - | - |
| suse / suse_linux_office_server | - | - |
| redhat / fedora_core | core_2.0 | core_2.0.x |
| suse / suse_linux | 9.0 | 9.0.x |
| suse / suse_linux | 8.2 | 8.2.x |
| suse / suse_linux | 8 | 8.x |
| mandrakesoft / mandrake_linux | 9.2 | 9.2.x |
| suse / suse_linux | 8.0 | 8.0.x |
| mandrakesoft / mandrake_linux | 9.0 | 9.0.x |
| suse / suse_linux | 7 | 7.x |
| suse / suse_linux | 9.1 | 9.1.x |
| mandrakesoft / mandrake_linux | 9.1 | 9.1.x |
| mandrakesoft / mandrake_linux | 10.0 | 10.0.x |
| suse / suse_linux | 8.1 | 8.1.x |