cbcvebase.
CVE-2004-1006
published 2005-03-01

CVE-2004-1006: Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a…

PriorityP337critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
7.97%
94.0th percentile
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.

Affected

7 ranges
VendorProductVersion rangeFixed in
iscdhcpd
iscdhcpd
iscdhcpd
iscdhcpd
iscdhcpd
iscdhcpd
iscdhcpd

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.