ID CVE-2002-0651
Summary Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
References
Vulnerable Configurations
  • cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
accepted 2005-03-09T07:56:00.000-04:00
class vulnerability
contributors
name Brian Soby
organization The MITRE Corporation
description Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
family unix
id oval:org.mitre.oval:def:4190
status accepted
submitted 2005-01-19T12:00:00.000-04:00
title Buffer Overflow in DNS Resolver Library
version 35
redhat via4
advisories
  • rhsa
    id RHSA-2002:119
  • rhsa
    id RHSA-2002:133
  • rhsa
    id RHSA-2002:139
  • rhsa
    id RHSA-2002:167
  • rhsa
    id RHSA-2003:154
refmap via4
aixapar
  • IY32719
  • IY32746
bid 5100
bugtraq
  • 20020626 Remote buffer overflow in resolver code of libc
  • 20020704 [OpenPKG-SA-2002.006] OpenPKG Security Advisory (bind)
caldera
  • CSSA-2002-SCO.37
  • CSSA-2002-SCO.39
cert CA-2002-19
cert-vn VU#803539
conectiva CLSA-2002:507
engarde ESA-20020724-018
freebsd FreeBSD-SA-02:28
mandrake
  • MDKSA-2002:038
  • MDKSA-2002:043
misc http://www.pine.nl/advisories/pine-cert-20020601.txt
netbsd NetBSD-SA2002-006
ntbugtraq 20020703 Buffer overflow and DoS i BIND
sgi 20020701-01-I
xf dns-resolver-lib-bo(9432)
Last major update 10-10-2017 - 01:30
Published 03-07-2002 - 04:00
Last modified 10-10-2017 - 01:30
Back to Top