Vulnerabilities > Infoblox > Critical

DATE CVE VULNERABILITY TITLE RISK
2015-02-20 CVE-2015-2033 Improper Authentication vulnerability in Infoblox Netmri
Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
network
low complexity
infoblox CWE-287
critical
10.0
2014-07-15 CVE-2014-3418 OS Command Injection vulnerability in Infoblox Netmri
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
network
low complexity
infoblox CWE-78
critical
10.0
2004-08-06 CVE-2004-0461 Buffer Overflow vulnerability in ISC DHCPD VSPRINTF
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
network
low complexity
infoblox isc suse mandrakesoft redhat
critical
10.0
2004-08-06 CVE-2004-0460 Buffer Overflow vulnerability in ISC DHCPD Hostname Options Logging
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
network
low complexity
infoblox isc suse mandrakesoft redhat
critical
10.0