CVE-2004-1006

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1070%

EPSS Percentile34.55th

PublishedMar 1, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.

Affected Platforms (CPE)

📦

Isc

Dhcpd

= 2.0.pl5

📦

Isc

Dhcpd

= 3.0

📦

Isc

Dhcpd

= 3.0

📦

Isc

Dhcpd

= 3.0

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0.1

📦

Isc

Dhcpd

= 3.0_b2pl9

📦

Isc

Dhcpd

= 3.0_b2pl23

📦

Isc

Dhcpd

= 3.0_pl1

📦

Isc

Dhcpd

= 3.0_pl2

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2004-10/0287.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2004-11/0037.html

🔗 http://marc.info/?l=bugtraq&m=109968710822449&w=2

🔗 http://www.debian.org/security/2004/dsa-584

🔗 http://www.kb.cert.org/vuls/id/448384

🔗 http://www.redhat.com/support/errata/RHSA-2005-212.html

🔗 http://www.securityfocus.com/bid/11591

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17963

Vulnerability Description

Affected Platforms (CPE)

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

Dhcpd

References & Advisories

Related Vulnerabilities