JVN/CVE Demo: Cveinfos

CVE

Id: 6855
CVE No.: CVE-2003-0026
Status: Candidate
Description: Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.
Phase: Modified (20071129)
Votes: ACCEPT(4) Baker, Cole, Cox, Wall | MODIFY(1) Frech | NOOP(1) Christey
Comments: Frech> XF:dhcpd-minires-multiple-bo(11073) | Christey> MANDRAKE:MDKSA-2003:007 | URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:007 | SUSE:SUSE-SA:2003:0006 | URL:http://www.suse.de/de/security/2003_006_dhcp.html | | Since the SuSE advisory name is "malformed" according to | SuSE"s own convention, make sure that "SuSE-SA:2003:006" is in | the keywords for this CAN.

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
38938	6855	CVE-2003-0026	CONECTIVA:CLA-2003:562	View
38939	6855	CVE-2003-0026	URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562	View
38940	6855	CVE-2003-0026	DEBIAN:DSA-231	View
38941	6855	CVE-2003-0026	URL:http://www.debian.org/security/2003/dsa-231	View
38942	6855	CVE-2003-0026	MANDRAKE:MDKSA-2003:007	View
38943	6855	CVE-2003-0026	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2003:007	View
38944	6855	CVE-2003-0026	OPENPKG:OpenPKG-SA-2003.002	View
38945	6855	CVE-2003-0026	URL:http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html	View
38946	6855	CVE-2003-0026	REDHAT:RHSA-2003:011	View
38947	6855	CVE-2003-0026	URL:http://www.redhat.com/support/errata/RHSA-2003-011.html	View
38948	6855	CVE-2003-0026	SUSE:SuSE-SA:2003:0006	View
38949	6855	CVE-2003-0026	URL:http://www.suse.com/de/security/2003_006_dhcp.html	View
38950	6855	CVE-2003-0026	BUGTRAQ:20030122 [securityslackware.com: [slackware-security] New DHCP packages available]	View
38951	6855	CVE-2003-0026	URL:http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html	View
38952	6855	CVE-2003-0026	SUSE:SuSE-SA:2003:006	View
38953	6855	CVE-2003-0026	URL:http://www.suse.com/de/security/2003_006_dhcp.html	View
38954	6855	CVE-2003-0026	CERT:CA-2003-01	View
38955	6855	CVE-2003-0026	URL:http://www.cert.org/advisories/CA-2003-01.html	View
38956	6855	CVE-2003-0026	CERT-VN:VU#284857	View
38957	6855	CVE-2003-0026	URL:http://www.kb.cert.org/vuls/id/284857	View
38958	6855	CVE-2003-0026	CIAC:N-031	View
38959	6855	CVE-2003-0026	URL:http://www.ciac.org/ciac/bulletins/n-031.shtml	View
38960	6855	CVE-2003-0026	BID:6627	View
38961	6855	CVE-2003-0026	URL:http://www.securityfocus.com/bid/6627	View
38962	6855	CVE-2003-0026	SECTRACK:1005924	View
38963	6855	CVE-2003-0026	URL:http://www.securitytracker.com/id?1005924	View
38964	6855	CVE-2003-0026	XF:dhcpd-minires-multiple-bo(11073)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
63286	JVNDB-2003-000012	Sun KCMS ライブラリサービスにおける任意のファイルの読み込みが可能な脆弱性	kcms_server の引数として渡されるファイル名に対するチェックが不適切であるため、本来許可されていないファイルを読み込んでしまう脆弱性が存在します。	CVE-2003-0027	6855	5		http://jvndb.jvn.jp/ja/contents/2003/JVNDB-2003-000012.html	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.28 MB
View render complete	2.72 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.78
Event: Controller.initialize	0.02
Event: Controller.startup	0.41
Controller action	452.34
Event: Controller.beforeRender	4.77
» Processing toolbar data	4.66
Rendering View	9.27
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	8.35
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.51
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/6855
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/6855
Remote Port	31230
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.145.71.192
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.145.71.192
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.145.71.192
Unique Id	aBt1nPplYEFyiz1-rVXzWwAAATU
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.145.71.192
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.145.71.192
Redirect Unique Id	aBt1nPplYEFyiz1-rVXzWwAAATU
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.145.71.192
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.145.71.192
Redirect Redirect Unique Id	aBt1nPplYEFyiz1-rVXzWwAAATU
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746630044.2133
Request Time	1746630044

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files