Dual DHCP DNS Server DHCP 远程缓冲区溢出漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109600 漏洞类型 缓冲区溢出
发布时间 2006-01-07 更新时间 2006-01-31
CVE编号 CVE-2006-0304 CNNVD-ID CNNVD-200601-211
漏洞平台 Multiple CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/27108
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-211
|漏洞详情
DualDHCPDNSServer1.0中存在缓冲区溢出,远程攻击者可以通过DHCP选项字段使系统拒绝服务(应用程序崩溃),并可能执行任意代码。
|漏洞EXP
source: http://www.securityfocus.com/bid/16298/info

Dual DHCP DNS Server is prone to a remote buffer overflow vulnerability.

The vulnerability presents itself when the server handles excessive data through the DHCP options field.

Successful exploitation can allow attackers to trigger a denial of service condition or execute arbitrary code to gain unauthorized remote access in the context of the affected server.

Dual DHCP DNS Server 1.0 is reported to be affected. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/27108.zip
|参考资料

来源:SECUNIA
名称:18486
链接:http://secunia.com/advisories/18486
来源:MISC
链接:http://aluigi.altervista.org/adv/dualsbof-adv.txt
来源:XF
名称:dualdhcpdns-options-field-bo(24191)
链接:http://xforce.iss.net/xforce/xfdb/24191
来源:BID
名称:16298
链接:http://www.securityfocus.com/bid/16298
来源:VUPEN
名称:ADV-2006-0245
链接:http://www.frsirt.com/english/advisories/2006/0245
来源:SECTRACK
名称:1015495
链接:http://securitytracker.com/id?1015495