Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0461
HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0461

2004-08-0604:00:00
[email protected]
web.nvd.nist.gov
28
isc dhcp
cve-2004-0461
dhcpd
buffer overflow
denial of service
vsprintf
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.1%

JSON

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.

Affected configurations

NVD
Node
infobloxdns_one_applianceMatch2.3.1_r5
OR
infobloxdns_one_applianceMatch2.4.0.8
OR
infobloxdns_one_applianceMatch2.4.0.8a
AND
iscdhcpdMatch3.0.1rc12
OR
iscdhcpdMatch3.0.1rc13
OR
susesuse_email_serverMatchiii
OR
susesuse_linux_admin-cd_for_firewall
OR
susesuse_linux_connectivity_server
OR
susesuse_linux_database_server
OR
susesuse_linux_firewall_cd
OR
susesuse_linux_office_server
Node
mandrakesoftmandrake_linuxMatch9.0
OR
mandrakesoftmandrake_linuxMatch9.1
OR
mandrakesoftmandrake_linuxMatch9.1ppc
OR
mandrakesoftmandrake_linuxMatch9.2
OR
mandrakesoftmandrake_linuxMatch9.2amd64
OR
mandrakesoftmandrake_linuxMatch10.0
OR
mandrakesoftmandrake_linuxMatch10.0amd64
OR
redhatfedora_coreMatchcore_2.0
OR
susesuse_linuxMatch7enterprise_server
OR
susesuse_linuxMatch8enterprise_server
OR
susesuse_linuxMatch8.0
OR
susesuse_linuxMatch8.0i386
OR
susesuse_linuxMatch8.1
OR
susesuse_linuxMatch8.2
OR
susesuse_linuxMatch9.0
OR
susesuse_linuxMatch9.0x86_64
OR
susesuse_linuxMatch9.1

Related

nvd 1
cert 1
cvelist 1
securityvulns 1
nessus 1
suse 1
nvd
nvd
CVE-2004-0461
2004-08-06 04:00:00
cert
cert
ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions
2004-06-22 00:00:00
cvelist
cvelist
CVE-2004-0461
2004-06-24 04:00:00
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA04-174A -- Multiple Vulnerabilities in ISC DHCP 3
2004-06-23 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : dhcp (MDKSA-2004:061)
2004-07-31 00:00:00
suse
suse
remote system compromise in dhcp/dhcp-server
2004-06-23 07:29:17

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.1%

JSON
Related for CVE-2004-0461
nvd1cert1cvelist1securityvulns1nessus1suse1