CVE-2004-1006
published 2005-03-01CVE-2004-1006: Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a…
PriorityP337critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
7.97%
94.0th percentile
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| isc | dhcpd | — | — |
| isc | dhcpd | — | — |
| isc | dhcpd | — | — |
| isc | dhcpd | — | — |
| isc | dhcpd | — | — |
| isc | dhcpd | — | — |
| isc | dhcpd | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3f5j-qwg9-83wr: Format string vulnerability in the log functions in dhcpd for dhcp 2
ghsa_unreviewed·2022-04-29·CVSS 10.0
CVE-2004-1006 [CRITICAL] GHSA-3f5j-qwg9-83wr: Format string vulnerability in the log functions in dhcpd for dhcp 2
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
Red Hat
security flaw
vendor_redhat·2004-11-02·CVSS 10.0
CVE-2004-1006 [CRITICAL] security flaw
security flaw
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
No detection rules found.
No public exploits indexed.
http://archives.neohapsis.com/archives/bugtraq/2004-10/0287.htmlhttp://archives.neohapsis.com/archives/bugtraq/2004-11/0037.htmlhttp://marc.info/?l=bugtraq&m=109968710822449&w=2http://www.debian.org/security/2004/dsa-584http://www.kb.cert.org/vuls/id/448384http://www.redhat.com/support/errata/RHSA-2005-212.htmlhttp://www.securityfocus.com/bid/11591https://exchange.xforce.ibmcloud.com/vulnerabilities/17963http://archives.neohapsis.com/archives/bugtraq/2004-10/0287.htmlhttp://archives.neohapsis.com/archives/bugtraq/2004-11/0037.htmlhttp://marc.info/?l=bugtraq&m=109968710822449&w=2http://www.debian.org/security/2004/dsa-584http://www.kb.cert.org/vuls/id/448384http://www.redhat.com/support/errata/RHSA-2005-212.htmlhttp://www.securityfocus.com/bid/11591https://exchange.xforce.ibmcloud.com/vulnerabilities/17963
2005-03-01
Published