CVE Vulnerabilities

CVE-2004-1006

Published: Mar 01, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.

Affected Software

Name Vendor Start Version End Version
Dhcpd Isc 2.0.pl5 (including) 2.0.pl5 (including)
Dhcpd Isc 3.0 (including) 3.0 (including)
Dhcpd Isc 3.0-rc12 (including) 3.0-rc12 (including)
Dhcpd Isc 3.0-rc4 (including) 3.0-rc4 (including)
Dhcpd Isc 3.0.1-rc1 (including) 3.0.1-rc1 (including)
Dhcpd Isc 3.0.1-rc10 (including) 3.0.1-rc10 (including)
Dhcpd Isc 3.0.1-rc11 (including) 3.0.1-rc11 (including)
Dhcpd Isc 3.0.1-rc12 (including) 3.0.1-rc12 (including)
Dhcpd Isc 3.0.1-rc13 (including) 3.0.1-rc13 (including)
Dhcpd Isc 3.0.1-rc14 (including) 3.0.1-rc14 (including)
Dhcpd Isc 3.0.1-rc2 (including) 3.0.1-rc2 (including)
Dhcpd Isc 3.0.1-rc3 (including) 3.0.1-rc3 (including)
Dhcpd Isc 3.0.1-rc4 (including) 3.0.1-rc4 (including)
Dhcpd Isc 3.0.1-rc5 (including) 3.0.1-rc5 (including)
Dhcpd Isc 3.0.1-rc6 (including) 3.0.1-rc6 (including)
Dhcpd Isc 3.0.1-rc7 (including) 3.0.1-rc7 (including)
Dhcpd Isc 3.0.1-rc8 (including) 3.0.1-rc8 (including)
Dhcpd Isc 3.0.1-rc9 (including) 3.0.1-rc9 (including)
Dhcpd Isc 3.0_b2pl9 (including) 3.0_b2pl9 (including)
Dhcpd Isc 3.0_b2pl23 (including) 3.0_b2pl23 (including)
Dhcpd Isc 3.0_pl1 (including) 3.0_pl1 (including)
Dhcpd Isc 3.0_pl2 (including) 3.0_pl2 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *
Dhcp Ubuntu dapper *
Dhcp Ubuntu devel *
Dhcp Ubuntu edgy *
Dhcp Ubuntu feisty *

References