JVN/CVE Demo: Cveinfos

CVE

Id: 8889
CVE No.: CVE-2004-0461
Status: Candidate
Description: The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
Phase: Assigned (20040512)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
56767	8889	CVE-2004-0461	BUGTRAQ:20040628 ISC DHCP overflows	View
56768	8889	CVE-2004-0461	URL:http://marc.info/?l=bugtraq&m=108843959502356&w=2	View
56769	8889	CVE-2004-0461	CONFIRM:http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf	View
56770	8889	CVE-2004-0461	MANDRAKE:MDKSA-2004:061	View
56771	8889	CVE-2004-0461	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2004:061	View
56772	8889	CVE-2004-0461	CERT:TA04-174A	View
56773	8889	CVE-2004-0461	URL:http://www.us-cert.gov/cas/techalerts/TA04-174A.html	View
56774	8889	CVE-2004-0461	CERT-VN:VU#654390	View
56775	8889	CVE-2004-0461	URL:http://www.kb.cert.org/vuls/id/654390	View
56776	8889	CVE-2004-0461	BUGTRAQ:20040622 DHCP Vuln // no code 0day //	View
56777	8889	CVE-2004-0461	URL:http://marc.info/?l=bugtraq&m=108795911203342&w=2	View
56778	8889	CVE-2004-0461	SUSE:SuSE-SA:2004:019	View
56779	8889	CVE-2004-0461	URL:http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html	View
56780	8889	CVE-2004-0461	BUGTRAQ:20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)	View
56781	8889	CVE-2004-0461	URL:http://marc.info/?l=bugtraq&m=108938625206063&w=2	View
56782	8889	CVE-2004-0461	SECUNIA:23265	View
56783	8889	CVE-2004-0461	URL:http://secunia.com/advisories/23265	View
56784	8889	CVE-2004-0461	XF:dhcp-c-include-bo(16476)	View
56785	8889	CVE-2004-0461	URL:http://xforce.iss.net/xforce/xfdb/16476	View
56786	8889	CVE-2004-0461	BID:10591	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
63246	JVNDB-2004-000588	SSL-VPN製品におけるCookieの脆弱性	SSL-VPN製品で、SSLのクライアント認証を使用せずに、ユーザ名とパスワードでログインするモードを使用している場合にセッションハイジャックされる可能性があります。	CVE-2004-0462	8889	2.1		http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000588.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.27 MB
View render complete	2.70 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.63
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	389.24
Event: Controller.beforeRender	4.71
» Processing toolbar data	4.61
Rendering View	8.45
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	7.46
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.53
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/8889
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/8889
Remote Port	45474
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.148
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.78.197
Http Via	1.1 squid-proxy-5b5d847c96-v2jzj (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=kcn1f6d5dp29pbu84ibdr3kfj7
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.148
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.148
Unique Id	aFUpb86DGYCv48IimbiKbQAAA-Y
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.148
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.148
Redirect Unique Id	aFUpb86DGYCv48IimbiKbQAAA-Y
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.148
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.148
Redirect Redirect Unique Id	aFUpb86DGYCv48IimbiKbQAAA-Y
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1750411631.6242
Request Time	1750411631

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files