CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0702

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile25.66th
PublishedJul 26, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.

Affected Platforms (CPE)

πŸ“¦
Isc

Dhcpd

= 3.0
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1

References & Advisories

πŸ”— ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-028.0.txt
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0063.html
πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000483
πŸ”— http://marc.info/?l=bugtraq&m=102089498828206&w=2
πŸ”— http://www.cert.org/advisories/CA-2002-12.html
πŸ”— http://www.iss.net/security_center/static/9039.php
πŸ”— http://www.kb.cert.org/vuls/id/854315
πŸ”— http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-037.php

Related Vulnerabilities

CVE-2004-046010.0

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers...

CVE-2004-046110.0

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf func...

CVE-2004-100610.0

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via cer...

CVE-2007-006210.0

Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before ...