CVE-2004-0461

Current Description

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.

Basic Data

PublishedAugust 06, 2004
Last ModifiedJuly 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareInfobloxDns One Appliance2.3.1_r5*******
      2.3HardwareInfobloxDns One Appliance2.4.0.8*******
      2.3HardwareInfobloxDns One Appliance2.4.0.8a*******
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3ApplicationIscDhcpd3.0.1rc12******
      2.3ApplicationIscDhcpd3.0.1rc13******
      2.3ApplicationSuseSuse Email Serveriii*******
      2.3ApplicationSuseSuse Linux Admin-cd For Firewall********
      2.3ApplicationSuseSuse Linux Connectivity Server********
      2.3ApplicationSuseSuse Linux Database Server********
      2.3ApplicationSuseSuse Linux Firewall Cd********
      2.3ApplicationSuseSuse Linux Office Server********
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSMandrakesoftMandrake Linux9.0*******
    2.3OSMandrakesoftMandrake Linux9.1*******
    2.3OSMandrakesoftMandrake Linux9.1*ppc*****
    2.3OSMandrakesoftMandrake Linux9.2*******
    2.3OSMandrakesoftMandrake Linux9.2*amd64*****
    2.3OSMandrakesoftMandrake Linux10.0*******
    2.3OSMandrakesoftMandrake Linux10.0*amd64*****
    2.3OSRedhatFedora Corecore_2.0*******
    2.3OSSuseSuse Linux7*enterprise_server*****
    2.3OSSuseSuse Linux8*enterprise_server*****
    2.3OSSuseSuse Linux8.0*******
    2.3OSSuseSuse Linux8.0*i386*****
    2.3OSSuseSuse Linux8.1*******
    2.3OSSuseSuse Linux8.2*******
    2.3OSSuseSuse Linux9.0*******
    2.3OSSuseSuse Linux9.0*x86_64*****
    2.3OSSuseSuse Linux9.1*******

Vulnerable Software List

VendorProductVersions
Infoblox Dns One Appliance 2.3.1_r5, 2.4.0.8, 2.4.0.8a
Isc Dhcpd 3.0.1
Redhat Fedora Core core_2.0
Mandrakesoft Mandrake Linux 10.0, 9.0, 9.1, 9.2
Suse Suse Linux Office Server *
Suse Suse Linux 7, 8, 8.0, 8.1, 8.2, 9.0, 9.1
Suse Suse Email Server iii
Suse Suse Linux Admin-cd For Firewall *
Suse Suse Linux Connectivity Server *
Suse Suse Linux Database Server *
Suse Suse Linux Firewall Cd *

References

NameSourceURLTags
20040622 DHCP Vuln // no code 0day //http://marc.info/?l=bugtraq&m=108795911203342&w=2BUGTRAQ
20040628 ISC DHCP overflowshttp://marc.info/?l=bugtraq&m=108843959502356&w=2BUGTRAQ
20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)http://marc.info/?l=bugtraq&m=108938625206063&w=2BUGTRAQ
23265http://secunia.com/advisories/23265SECUNIA
VU#654390http://www.kb.cert.org/vuls/id/654390CERT-VNUS Government Resource
MDKSA-2004:061http://www.mandriva.com/security/advisories?name=MDKSA-2004:061MANDRAKE
SuSE-SA:2004:019http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.htmlSUSE
10591http://www.securityfocus.com/bid/10591BIDPATCH Vendor Advisory
TA04-174Ahttp://www.us-cert.gov/cas/techalerts/TA04-174A.htmlCERTThird Party Advisory US Government Resource
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdfhttp://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdfCONFIRM
dhcp-c-include-bo(16476)https://exchange.xforce.ibmcloud.com/vulnerabilities/16476XF