CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0460

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile27.41th
PublishedAug 6, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.

Affected Platforms (CPE)

πŸ”Œ
Infoblox

Dns One Appliance

= 2.3.1_r5
πŸ”Œ
Infoblox

Dns One Appliance

= 2.4.0.8
πŸ”Œ
Infoblox

Dns One Appliance

= 2.4.0.8a
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Isc

Dhcpd

= 3.0.1
πŸ“¦
Suse

Suse Email Server

= iii
πŸ“¦
Suse

Suse Linux Admin Cd For Firewall

All versions
πŸ“¦
Suse

Suse Linux Connectivity Server

All versions
πŸ“¦
Suse

Suse Linux Database Server

All versions
πŸ“¦
Suse

Suse Linux Firewall Cd

All versions
πŸ“¦
Suse

Suse Linux Office Server

All versions
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.0
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.1
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.1
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.2
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.2
πŸ’»
Mandrakesoft

Mandrake Linux

= 10.0
πŸ’»
Mandrakesoft

Mandrake Linux

= 10.0
πŸ’»
Redhat

Fedora Core

= core_2.0
πŸ’»
Suse

Suse Linux

= 7
πŸ’»
Suse

Suse Linux

= 8
πŸ’»
Suse

Suse Linux

= 8.0
πŸ’»
Suse

Suse Linux

= 8.0
πŸ’»
Suse

Suse Linux

= 8.1
πŸ’»
Suse

Suse Linux

= 8.2
πŸ’»
Suse

Suse Linux

= 9.0
πŸ’»
Suse

Suse Linux

= 9.0
πŸ’»
Suse

Suse Linux

= 9.1

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=108795911203342&w=2
πŸ”— http://marc.info/?l=bugtraq&m=108843959502356&w=2
πŸ”— http://marc.info/?l=bugtraq&m=108938625206063&w=2
πŸ”— http://secunia.com/advisories/23265
πŸ”— http://www.kb.cert.org/vuls/id/317350
πŸ”— http://www.mandriva.com/security/advisories?name=MDKSA-2004:061
πŸ”— http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html
πŸ”— http://www.securityfocus.com/bid/10590

Related Vulnerabilities

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-129010.0

Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-105010.0

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME a...