CERTVU:852283Cached malformed SIG record buffer overflow
0.152 Low
EPSS
Percentile
95.9%
Overview
A vulnerability in BIND allows remote attackers to execute code with the privileges of the process running named. This vulnerability is resolved in BIND versions 4.9.11, 8.2.7, 8.3.4, and BIND 9.
Description
A remotely exploitable buffer overflow exists in named. An attacker using malformed SIG records can exploit this vulnerability against a nameserver with recursion enabled. The overflow occurs when the nameserver constructs responses to recursive requests using the malformed SIG records, leading to arbitrary code execution as the named uid, typically root. As was the case with a previous issue affecting named and NXT records (CA-1999-14, VU#16532), a malicious server must reply to a forwarded request from a recursive nameserver in order to exploit the vulnerability. However, as with the NXT record exploit, a full-service nameserver is not required, only a service replying to a legitimate victim nameserver request.
The following versions of BIND are affected:
- BIND versions 4.9.5 to 4.9.10
- BIND versions 8.1, 8.2 to 8.2.6, and 8.3.0 to 8.3.3
Impact
A remote attacker could execute arbitrary code on the nameserver with the privileges of the named uid, typically root.
Solution
Upgrade to BIND 4.9.11, BIND 8.2.7, BIND 8.3.4, or BIND 9.
One interim workaround is to disable recursion on vulnerable servers.
Vendor Information
852283
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Apple Computer Inc. __ Affected
Notified: November 12, 2002 Updated: December 03, 2002
Status
Affected
Vendor Statement
Affected Systems: Mac OS X and Mac OS X Server with BIND versions 8.1, 8.2 to 8.2.6, and 8.3.0 to 8.3.3
Mitigating Factors: BIND is not enabled by default on Mac OS X or Mac OS X Server
This is addressed in Security Update 2002-11-21
<http://www.apple.com/support/security/security_updates.html>
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Conectiva __ Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Affected
Vendor Statement
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
`- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : bind
SUMMARY : Remote vulnerabilities in the BIND DNS server
DATE : 2002-11-14 15:36:00
ID : CLA-2002:546
RELEVANT
RELEASES : 6.0
- -------------------------------------------------------------------------
DESCRIPTION
“bind” is probably the most used DNS server on the internet.
ISS reported[7] buffer overflow and denial of service vulnerabilities
in some versions of the BIND software. The most dangerous one, the
buffer overflow, could be used by remote attacker to execute
arbitrary code on the server with the privileges of the user running
the “named” process.
The vulnerabilities explained below affect BIND as shipped with
Conectiva Linux 6.0. Conectiva Linux 7.0 and 8 already ship BIND 9.x,
which is not vulnerable to the problems reported by ISS.
1) Buffer overflow (CAN-2002-1219) [5]
An attacker who can make a vulnerable BIND server make recursive
queries to a domain that he (the attacker) controls can exploit this
vulnerability and execute arbitrary code on the server with the same
privileges as the “named” process. The BIND packages in Conectiva
Linux run the “named” process with an unprivileged user, and not
root, which mitigates the impact of this vulnerability somewhat,
requiring that the attacker take further steps to obtain root access.
Additionally, there is the bind-chroot package which, if used, runs
the server in a chroot area under /var/named which imposes an
additional restriction on the actions a potential intruder can take.
2) Denial of service (CAN-2002-1221) [6]
The BIND server can be triggered into attempting a NULL pointer
dereference which will terminate the service. This can be caused by a
remote attacker who controls a DNS server authoritative for some
domain queried by the vulnerable BIND server.
`
The packages available through this advisory were built with patches that were made publicly available[3] by ISC less than 24 hours ago. Conectiva Linux and the majority of other GNU/Linux distributions were notified about this vulnerability (but with not enough details to produce a patch) about 12 hours before ISS made it public[7]. We are worried about the way in which this whole incident has been handled, specially when considering that DNS is part of the internet infrastructure and thus a vital service.
We, and many vendors, do believe in what is commonly called "responsible full disclosure"[8], where all details about a vulnerability are made public after all vendors were notified in advance and have had a reasonable amount of time to prepare and test updated packages. We believe this to be the most secure and responsible method for disclosing vulnerabilities.
SOLUTION All BIND users should upgrade immediately. After the upgrade, the named service will be automatically restarted if needed.
If it is not possible to upgrade the packages immediately, users should disable recursive queries or restrict them. Disabling recursive queries can be done by the "recursion no;" parameter in the options section of the named.conf configuration file. Restricting access to such queries can be accomplished via the "allow-recursion" directive in the same configuration file.
REFERENCES 1.http://www.isc.org/ 2.http://www.cert.org/advisories/CA-2002-31.html 3.http://www.isc.org/products/BIND/patches/bind826.diff 4.http://www.isc.org/products/BIND/bind-security.html 5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1219 6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1221 7.https://gtoc.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 8.http://distro.conectiva.com.br/seguranca/problemas/?idioma=en
DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ``<ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/bind-8.2.6-1U60_2cl.src.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/bind-chroot-8.2.6-1U60_2cl.src.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-8.2.6-1U60_2cl.i386.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-chroot-8.2.6-1U60_2cl.i386.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-devel-8.2.6-1U60_2cl.i386.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-devel-static-8.2.6-1U60_2cl.i386.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-doc-8.2.6-1U60_2cl.i386.rpm>`` ``<ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-utils-8.2.6-1U60_2cl.i386.rpm>``
`ADDITIONAL INSTRUCTIONS
Users of Conectiva Linux version 6.0 or higher may use apt to perform
upgrades of RPM packages:
- add the following line to /etc/apt/sources.list if it is not there yet
(you may also use linuxconf to do this):
<ftp://atualizacoes.conectiva.com.br>6.0/conectiva updates
- after that, execute: apt-get upgrade
can be found at<http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en>
`
`- -------------------------------------------------------------------------
All packages are signed with Conectiva’s GPG key. The key and instructions
on how to import it can be found at
<http://distro.conectiva.com.br/seguranca/chave/?idioma=en>
Instructions on how to check the signatures of the RPM packages can be
found at <http://distro.conectiva.com.br/seguranca/politica/?idioma=en>
All our advisories and generic update instructions can be viewed at
<http://distro.conectiva.com.br/atualizacoes/?idioma=en>
- -------------------------------------------------------------------------
subscribe: [email protected]
unsubscribe: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see <http://www.gnupg.org>
iD8DBQE9099O42jd0JmAcZARAiZGAKDMz0e8eiF+0Zws8sQkvkE5NcHKywCg24tc
ixMwRpolJ8skSz3KyrLfVjM=
=Smdc
-----END PGP SIGNATURE-----
`
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Debian __ Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see <http://www.debian.org/security/2002/dsa-196>.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Engarde __ Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Affected
Vendor Statement
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
+------------------------------------------------------------------------+ | EnGarde Secure Linux Security Advisory November 14, 2002 | | ``<http://www.engardelinux.org/>`` ESA-20021114-029 | | | | Packages: bind-chroot, bind-chroot-utils | | Summary: buffer overflow, DoS attacks. | +------------------------------------------------------------------------+
EnGarde Secure Linux is a secure distribution of Linux that features improved access control, host and network intrusion detection, Web based secure remote management, e-commerce, and integrated open source security tools.
`OVERVIEW
Several vulnerabilities were found in the BIND nameserver. The
vulnerabilities, discovered by ISS, range from buffer overflows to
denial of service (DoS) attacks.
The summaries below are from the ISS advisory which may be found at:
<http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>
* CAN-2002-1219 – BIND SIG Cached RR Overflow Vulnerability
“A buffer overflow exists in BIND 4 and 8 that may lead to remote
compromise of vulnerable DNS servers. An attacker who controls any
authoritative DNS server may cause BIND to cache DNS information
within its internal database, if recursion is enabled. Recursion is
enabled by default unless explicitly disabled via command line
options or in the BIND configuration file. Attackers must either
create their own name server that is authoritative for any domain,
or compromise any other authoritative server with the same criteria.
Cached information is retrieved when requested by a DNS client. There
is a flaw in the formation of DNS responses containing SIG resource
records (RR) that can lead to buffer overflow and execution of
arbitrary code.”
* CAN-2002-1220 – BIND OPT DoS
“Recursive BIND 8 servers can be caused to abruptly terminate due to
an assertion failure. A client requesting a DNS lookup on a
nonexistent sub- domain of a valid domain name may cause BIND 8 to
terminate by attaching an OPT resource record with a large UDP
payload size. This DoS may also be triggered for queries on domains
whose authoritative DNS servers are unreachable.”
* CAN-2002-1221 – BIND SIG Expiry Time DoS
“Recursive BIND 8 servers can be caused to abruptly terminate due to a
null pointer dereference. An attacker who controls any authoritative
name server may cause vulnerable BIND 8 servers to attempt to cache
SIG RR elements with invalid expiry times. These are removed from the
BIND internal database, but later improperly referenced, leading to a
DoS condition.”
All users should upgrade as soon as possible.
SOLUTION
Users of the EnGarde Professional edition can use the Guardian Digital
Secure Network to update their systems automatically.
EnGarde Community users should upgrade to the most recent version
as outlined in this advisory. Updates may be obtained from:
<ftp://ftp.engardelinux.org/pub/engarde/stable/updates/>
<http://ftp.engardelinux.org/pub/engarde/stable/updates/>
Before upgrading the package, the machine must either:
a) be booted into a “standard” kernel; or
b) have LIDS disabled.
To disable LIDS, execute the command:
# /sbin/lidsadm -S – -LIDS_GLOBAL
To install the updated package, execute the command:
# rpm -Uvh files
You must now update the LIDS configuration by executing the command:
# /usr/sbin/config_lids.pl
To re-enable LIDS (if it was disabled), execute the command:
# /sbin/lidsadm -S – +LIDS_GLOBAL
To verify the signatures of the updated packages, execute the command:
# rpm -Kv files
UPDATED PACKAGES
These updated packages are for EnGarde Secure Linux Community
Edition.
Source Packages:
SRPMS/bind-chroot-8.2.6-1.0.29.src.rpm
MD5 Sum: 3c845d09bcbe9b07e5395d75a8686689
Binary Packages:
i386/bind-chroot-8.2.6-1.0.29.i386.rpm
MD5 Sum: 0c1daf47be94ae0fd5a29e4007bf68c2
i386/bind-chroot-utils-8.2.6-1.0.29.i386.rpm
MD5 Sum: 58e0e54d895b8dc3c6f6b5e9228912fb
i686/bind-chroot-8.2.6-1.0.29.i686.rpm
MD5 Sum: 84cb58f02d228859a2fbda3ed1b46dd5
i686/bind-chroot-utils-8.2.6-1.0.29.i686.rpm
MD5 Sum: 20fb3e4a34cecb431511308afe027941
REFERENCES
Guardian Digital’s public key:
<http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY>
BIND’s Official Web Site:
<http://www.isc.org/products/BIND/>
Security Contact: [email protected]
EnGarde Advisories: <http://www.engardelinux.org/advisories.html>
- --------------------------------------------------------------------------
$Id: ESA-20021114-029-bind-chroot,v 1.4 2002/11/14 10:02:51 rwm Exp $
Author: Ryan W. Maple <[email protected]>
Copyright 2002, Guardian Digital, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see <http://www.gnupg.org>
iD8DBQE903h0HD5cqd57fu0RAgQ2AJ4h+6JBMcFRlC3vKwfRi7dnMRE69ACbBQoO
jReNCYKqxnuwuvOLsRqhznY=
=9v8+
-----END PGP SIGNATURE-----`
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
FreeBSD __ Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see <ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:43.bind.asc>
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
IBM __ Affected
Notified: November 12, 2002 Updated: November 18, 2002
Status
Affected
Vendor Statement
The AIX operating system is vulnerable to the named and DNS resolver issues in releases 4.3.3, 5.1.0 and 5.2.0. Temporary patches will be available through an efix package by 11/22/2002 or before. The efix will be available at the following URL:
<ftp://ftp.software.ibm.com/aix/efixes/security/bind_multiple_efix.tar.Z>
In the interim, customers may want to implement the workarounds given in the Solutions section to limit their exposure.
The following APARs will be available in the near future:
AIX 4.3.3 APAR IY37088 (available approx 11/27/2002 )
AIX 5.1.0 APAR IY37019 (available approx 12/18/2002 )
AIX 5.2.0 APAR TBA (available approx TBA )
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
ISC Affected
Notified: November 12, 2002 Updated: November 12, 2002
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
MandrakeSoft __ Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Affected
Vendor Statement
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
________________________________________________________________________
` Mandrake Linux Security Update Advisory
Package name: bind
Advisory ID: MDKSA-2002:077
Date: November 14th, 2002
Affected versions: 7.2, Single Network Firewall 7.2
Problem Description:
Several vulnerabilities were discovered in the BIND8 DNS server by ISS
(Internet Security Services), including a remotely exploitable buffer
overflow. The first vulnerability is how named handles SIG records;
this buffer overflow can be exploited to obtain access to the victim
host with the privilege of the user the named process is running as.
By default, Mandrake Linux is configured to run the named process as
the named user. To successfully exploit this vulnerability, the
attacker must control an existing DNS domain and must be allowed to
perform a recursive query.
A possible work-around is to restrict recursive requests, however
MandrakeSoft encourages all users to upgrade to the provided BIND9
packages. You can also completely disable recursion by adding
“recursion no;” to the options section of /etc/named.conf.
Several Denial of Service problems also exist in BIND8 that allow
attackers to terminate the named process. At least one of these
vulnerabilities seems to be exploitable even when the attacker is
not permitted to perform recursive queries, so the work-around noted
above is not effective against this DoS.
Both problems are not reported to effect BIND9. As Linux-Mandrake
7.2 and Single Network Firewall 7.2 are the only supported distributions
to still ship BIND8, we have elected to upgrade to both a patched
version of BIND8 and BIND9. The BIND8 packages contain the patch
ISC made available late on the 13th, contrary to their original
advisory which called for them to be made available next week. Despite
this, however, MandrakeSoft encourages everyone who is able to upgrade
to BIND9 rather than BIND8.
The MandrakeSoft security team wishes to apologize to MandrakeSoft
customers for not being able to provide timely fixes for this problem,
and regrets the inability of the ISC to work with the Internet community
at large to provide adequate protection to users of BIND.
References:
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1219>
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1220>
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1221>
<http://www.kb.cert.org/vuls/id/852283>
<http://www.kb.cert.org/vuls/id/229595>
<http://www.isc.org/products/BIND/bind-security.html>
<http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>
Updated Packages:
Linux-Mandrake 7.2:
f3ca1559f7d2fbe17a2ec6dab327bb7e 7.2/RPMS/bind-8.3.3-2.1mdk.i586.rpm
0ccd937ec59aa9775f79b05f62d4718c 7.2/RPMS/bind-9.2.1-2.3mdk.i586.rpm
783ab2327c7e7983a07a8043d3355bbb 7.2/RPMS/bind-devel-8.3.3-2.1mdk.i586.rpm
bbf717f0f71098ab6c2293d9dbd1c1bd 7.2/RPMS/bind-devel-9.2.1-2.3mdk.i586.rpm
47a2418adcd190b22956407a667fbc9e 7.2/RPMS/bind-utils-8.3.3-2.1mdk.i586.rpm
56b9c086c299cdfd367ae87f14db711b 7.2/RPMS/bind-utils-9.2.1-2.3mdk.i586.rpm
df34fbecce2e6c61695fcee11a525fea 7.2/RPMS/caching-nameserver-8.1-3.2mdk.noarch.rpm
f9d914230ec37be01ad4d00abcde0280 7.2/SRPMS/bind-8.3.3-2.1mdk.src.rpm
8660bd628168c52478b0f766d0ab676c 7.2/SRPMS/bind-9.2.1-2.3mdk.src.rpm
904b9064763803d24afc79e7140146a4 7.2/SRPMS/caching-nameserver-8.1-3.2mdk.src.rpm
Single Network Firewall 7.2:
f3ca1559f7d2fbe17a2ec6dab327bb7e snf7.2/RPMS/bind-8.3.3-2.1mdk.i586.rpm
0ccd937ec59aa9775f79b05f62d4718c snf7.2/RPMS/bind-9.2.1-2.3mdk.i586.rpm
47a2418adcd190b22956407a667fbc9e snf7.2/RPMS/bind-utils-8.3.3-2.1mdk.i586.rpm
56b9c086c299cdfd367ae87f14db711b snf7.2/RPMS/bind-utils-9.2.1-2.3mdk.i586.rpm
df34fbecce2e6c61695fcee11a525fea snf7.2/RPMS/caching-nameserver-8.1-3.2mdk.noarch.rpm
f9d914230ec37be01ad4d00abcde0280 snf7.2/SRPMS/bind-8.3.3-2.1mdk.src.rpm
8660bd628168c52478b0f766d0ab676c snf7.2/SRPMS/bind-9.2.1-2.3mdk.src.rpm
904b9064763803d24afc79e7140146a4 snf7.2/SRPMS/caching-nameserver-8.1-3.2mdk.src.rpm
Bug IDs fixed (see <https://qa.mandrakesoft.com> for more information):
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with “rpm -Fvh *.rpm”. A list of
FTP mirrors can be obtained from:
<http://www.mandrakesecure.net/en/ftp.php>
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
<https://www.mandrakesecure.net/RPM-GPG-KEYS>
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
<http://www.mandrakesecure.net/en/advisories/>
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
<http://www.mandrakesecure.net/en/mlist.php>
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.7 (GNU/Linux)
mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA
BgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H
8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K
+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy
YWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j
b20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+
AJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E
OWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ
9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR
xBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z
269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN
6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ
jTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo
0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ
EJGXlA==
=yGlX
- -----END PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.7 (GNU/Linux)
0TMmPB4TZgcFOv+PVexxc58=
=01Zu
-----END PGP SIGNATURE-----
`
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Nortel Networks __ Affected
Notified: November 12, 2002 Updated: December 03, 2002
Status
Affected
Vendor Statement
"NetID version 4.3.1 and below is affected by the vulnerabilities identified in CERT/CC Advisory CA-2002-31. A bulletin and patched builds are available from the following Nortel Networks support contacts:
North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009, or +44 (0) 870 907 9009
Optivity NMS is not affected.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Openwall GNU/*/Linux __ Affected
Notified: November 12, 2002 Updated: December 03, 2002
Status
Affected
Vendor Statement
BIND 4.9.10-OW2 includes the patch provided by ISC and thus has the two vulnerabilities affecting BIND 4 fixed. Previous versions of BIND 4.9.x-OW patches, if used properly, significantly reduced the impact of the “named” vulnerability. The patches are available at their usual location:
<http://www.openwall.com/bind/>
A patch against BIND 4.9.11 will appear as soon as this version is officially released, although it will likely be effectively the same as the currently available 4.9.10-OW2.
It hasn’t been fully researched whether the resolver code in glibc,and in particular on Openwall GNU/*/Linux, shares any of the newly discovered BIND 4 resolver library vulnerabilities. Analysis is in progress.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Red Hat Inc. __ Affected
Notified: November 12, 2002 Updated: November 13, 2002
Status
Affected
Vendor Statement
Older releases (6.2, 7.0) of Red Hat Linux shipped with versions of BIND which may be vulnerable to these issues however a Red Hat security advisory in July 2002 upgraded all our supported distributions to BIND 9.2.1 which is not vulnerable to these issues.
All users who have BIND installed should ensure that they are running these updated versions of BIND.
<http://rhn.redhat.com/errata/RHSA-2002-133.html> Red Hat Linux
<http://rhn.redhat.com/errata/RHSA-2002-119.html> Advanced Server 2.1
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
SuSE Inc. __ Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Affected
Vendor Statement
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: bind8 Announcement-ID: SuSE-SA:2002:044 Date: Wed Nov 13 17:00:00 CET 2002 Affected products: (7.0), 7.1, 7.2, 7.3, 8.0, 8.1, SuSE Linux Database Server SuSE eMail Server III, 3.1 SuSE Firewall SuSE Linux Enterprise Server for S/390 SuSE Linux Connectivity Server SuSE Linux Enterprise Server 7 SuSE Linux Office Server Vulnerability Type: remote command execution Severity (1-10): 8 SuSE default package: yes Cross References: CVE CAN-2002-1219, CAN-2002-1220, CAN-2002-1221, ``<http://www.isc.org/products/BIND/bind-security.html>`` ``<http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>``
` Content of this advisory:
- security vulnerability resolved: Remote command execution
in bind8 name server.
problem description, discussion, solution and upgrade information - pending vulnerabilities, solutions, workarounds: BIND4, reports
of trojanized tcpdump/libpcap - standard appendix (further information)
has discovered several vulnerabilities in the BIND8 name server,
including a remotely exploitable buffer overflow.
Consortium (maintainer of BIND) has been made aware of these issues
in mid-October. Distributors of Open Source operating systems,
including SuSE, were notified of these vulnerabilities via CERT
approximately 12 hours before the release of the advisories by ISS
and ISC on Tue, Nov 12. This notification did not include any details
that allowed us to identify the vulnerable code, much less prepare
a fix. Mails to ISC went unanswered for 36 hours.
has withheld vital information from the Internet community for so long,
putting the majority of BIND users at risk. We would like to express
our concern that the approach chosen by ISC and ISS is likely to
erode trust in the security community if it becomes a model for dealing
with security issues.
fixes for this problem.
in detail:
SIG records. This buffer overflow can be exploited to
obtain access to the victim host under the account
the named process is running with.
control an existing DNS domain, and must be allowed
to perform a recursive query.
by default, so a potential attacker or virus/worm does not get
immediate root access. However, this is merely an additional
obstacle the attacker faces. It may be possible for the attacker
to exploit other, unpatched local vulnerabilities such as the
recently announced traceroute hole to obtain root privilege. It
may also be possible for an attacker to obtain increased privilege
by manipulating the DNS zones served by the victim BIND server.
not possible, we recommend to restrict recursive requests as a
workaround. This can be done by adding a statement such as the
following to /etc/named.conf:
… existing options …
except 192.168.1.254.
Order does matter.
allow-recursion {
!192.168.1.254;
192.168.1/24;
};
};
Alternatively, you can add “recursion no;” to the options
section to turn off recursion completely.
2.There are several Denial Of Service problems in BIND8
that allow remote attackers to terminate the name server
process.
At least one of these vulnerabilities seems to be exploitable
even when the attacker is not allowed to perform recursive
queries, so that the workaround suggested above is not
effective against this bug.
Both vulnerabilities are addressed by this update, using patches
originating from ISC.
Due to the severity of this issue, we will provide update packages
for SuSE Linux 7.0, even though support for this product has officially
been discontinued.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the packages using the command “rpm -Fhv file.rpm” to apply
the update. After updating, make sure to restart the name server
process by issuing the following command as root:
rcnamed restart
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
`
Intel i386 Platform:
SuSE-8.1: ``<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/bind8-8.2.4-260.i586.rpm>`` e1c07d8c1dd74374cc37e7fa692c9de1 ``<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/bindutil-8.2.4-260.i586.rpm>`` b41734970bf88aa7b5d3debbf834b78d ``<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/bind8-devel-8.2.4-260.i586.rpm>`` f7236e5e621725e100dbd204e2692a66 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/bind8-8.2.4-260.src.rpm>`` 02154fbdc935a2900d70ce6a16e96543
SuSE-8.0: ``<ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/bind8-8.2.4-260.i386.rpm>`` 07bc10c5c348c560084edb3c289459c9 ``<ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/bindutil-8.2.4-260.i386.rpm>`` 4db27e9ad4ae038d81422a0c5b9a34d0 ``<ftp://ftp.suse.com/pub/suse/i386/update/8.0/n4/bind8-devel-8.2.4-260.i386.rpm>`` a1b3958e0fbaed30ddecbf7753007dbf source rpm(s): ``<ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/bind8-8.2.4-260.src.rpm>`` 0b66ae2b5c462f041625919fed7ab089
SuSE-7.3: ``<ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/bind8-8.2.4-261.i386.rpm>`` fe0654b3de751533874b08a860afea5e ``<ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/bindutil-8.2.4-261.i386.rpm>`` 043a8c1c0bb2cc23308a614dc7bdc0fe ``<ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/bind8-devel-8.2.4-261.i386.rpm>`` 59aca78f5aacb3ff7ecbc252eb760956 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/bind8-8.2.4-261.src.rpm>`` 355add6397435262c597ad662e3df119
SuSE-7.2: ``<ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/bind8-8.2.3-200.i386.rpm>`` 1072a9fe708150bc14c70a72ca42dfd3 ``<ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/bindutil-8.2.3-200.i386.rpm>`` 0713d9b200db862110493233bc1d8321 ``<ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/bind8-devel-8.2.3-200.i386.rpm>`` c681a91b38104cf47de4f4d454136a8a source rpm(s): ``<ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/bind8-8.2.3-200.src.rpm>`` 8f51737bc0c84b7be08fe3bb1d4012b4
SuSE-7.1: ``<ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/bind8-8.2.3-200.i386.rpm>`` f2c14f81038d7ba952def27981b4599c ``<ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/bindutil-8.2.3-200.i386.rpm>`` 961a5403a41e8031c054a081ebf92ba5 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/bind8-8.2.3-200.src.rpm>`` 7f3c9b95591fb22f00dc0b22cdd5fcf1
SuSE-7.0: ``<ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/bind8-8.2.3-200.i386.rpm>`` 0a6b9e23cefa5cd9f06660571ebf85ff ``<ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/bindutil-8.2.3-200.i386.rpm>`` 3a6e0e81c2d8b05ee01a2a0b9c26e9a4 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/bind8-8.2.3-200.src.rpm>`` 1c2cb2e531fe2834de84b22ad714de68
Sparc Platform:
SuSE-7.3: ``<ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/bind8-8.2.4-128.sparc.rpm>`` c08454b933ed2365d9d2ab1322803af6 ``<ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/bindutil-8.2.4-128.sparc.rpm>`` 47e063be85fadfa2e5d0fce1746a34b5 ``<ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/bind8-devel-8.2.4-128.sparc.rpm>`` 46a97b033cca0a01dcb39ef90275ce46 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/bind8-8.2.4-128.src.rpm>`` 827a7f56273c7a25ac40ffba728e9150
AXP Alpha Platform:
SuSE-7.1: ``<ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/bind8-8.2.3-139.alpha.rpm>`` 77f39990fabacb545657236a60fecbe0 ``<ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/bindutil-8.2.3-139.alpha.rpm>`` 33bf9f28a7c9105c84216906694c7b7c source rpm(s): ``<ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/bind8-8.2.3-139.src.rpm>`` df347649fc98de695837a88452814ee6
SuSE-7.0: ``<ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/bind8-8.2.3-139.alpha.rpm>`` 23f307cda6a0eefb3d9f1a0439950bdd ``<ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/bindutil-8.2.3-139.alpha.rpm>`` 0789b49749d93ddd79192506cda00f7a source rpm(s): ``<ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/bind8-8.2.3-139.src.rpm>`` 356306a7f2c079e2726b3aa8da496e9b
PPC Power PC Platform:
SuSE-7.3: ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/bind8-8.2.4-200.ppc.rpm>`` 4cbeb4719625f8735ec03c27e1b27b85 ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/bindutil-8.2.4-200.ppc.rpm>`` 37fca302d72c819e713f8038d730a527 ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/bind8-devel-8.2.4-200.ppc.rpm>`` f0f5cb7b808789606448a4d472c71400 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/bind8-8.2.4-200.src.rpm>`` 5c810e6f144d0f2875bb06d2331f50d8
SuSE-7.1: ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/bind8-8.2.3-121.ppc.rpm>`` 47fcc451954f03a915b57b500bd56c57 ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/bindutil-8.2.3-121.ppc.rpm>`` 2c0de3b64d5c3d62cb840a534911ef31 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/bind8-8.2.3-121.src.rpm>`` 235e142413ec35bcbdb86168b04b7a78
SuSE-7.0: ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/bind8-8.2.3-121.ppc.rpm>`` 44dc01f6b4fae1dfd87874db6d42e8d9 ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/bindutil-8.2.3-121.ppc.rpm>`` d46f45bef0f12c3c5b071443ac9e7f13 source rpm(s): ``<ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/bind8-8.2.3-121.src.rpm>`` 1bac32496ae66d4b0e35bc34d4e500ff
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
BIND4 In addition to the vulnerabilities in BIND8 discussed above, ISS report several vulnerabilities in BIND4. As stated previously, SuSE has discontinued support for BIND4 and recommends that users upgrade to BIND8 as soon as possible.
Trojaned libpcap/tcpdump There have been reports that the source packages of tcpdump and libpcap available from several FTP servers have been modified to include a trojan. We have checked our source packages for this and found them to be clean.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
` SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
- md5sums as provided in the (cryptographically signed) announcement.
- using the internal gpg signatures of the rpm package.
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key [email protected]),
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user’s home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file (“announcement.txt”) and
running the command (do “su -” to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key “[email protected]” upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at<ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de>.
`
- SuSE runs two security mailing lists to which any interested party may subscribe:
` [email protected]
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<[email protected]>.
- SuSE’s announce-only mailing list.
To subscribe, send an email to
<[email protected]>.
send mail to:
<[email protected]> or
<[email protected]> respectively.
SuSE’s security contact is <[email protected]> or <[email protected]>.
The <[email protected]> public key is listed below.
=====================================================================
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <[email protected]>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <[email protected]>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see <http://www.gnupg.org>
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see<http://www.gnupg.org>
4rwnnoF2HqsHRdR6d5W8xF4EOJaedzhotTFUDmy2CWUabWdpCgac79JSQ8iI+P8G
N/Uv4o5kloBuvahTk0GHDoG5HVLQCaPbLZUnAWxcYzu57oQ+HaGJTF49cVfZhVkD
KCGBwMgYwpWNUNQ3QcOl8liPqrNj6K512J4AivnjkCuXO0fsiXTuR7rPg7NgZzVn
BoXhyt0Hvvk1zkkMf4JMGATdl6V5t2sK3YBsKPWEnd0yB3vqNYs3LUH3ArctsUXP
c6DMP9p6++OJySP+Bb6Mg3h7JCbLqBMuuElppEbcApnE6JXFhGozBQ==
=GZ1Z
-----END PGP SIGNATURE-----`
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Cray Inc. __ Not Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Not Affected
Vendor Statement
Cray Inc. is not vulnerable.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
InfoBlox __ Not Affected
Notified: November 12, 2002 Updated: October 18, 2004
Status
Not Affected
Vendor Statement
The Infoblox DNS One product is not vulnerable.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Microsoft Corporation __ Not Affected
Notified: November 12, 2002 Updated: November 14, 2002
Status
Not Affected
Vendor Statement
Microsoft products do not use the program in question. Microsoft products are not affected by this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
MontaVista Software __ Not Affected
Notified: November 12, 2002 Updated: November 13, 2002
Status
Not Affected
Vendor Statement
MontaVista ships BIND 9, thus is not vulnerably to these advisories.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Nominum __ Not Affected
Notified: November 12, 2002 Updated: November 13, 2002
Status
Not Affected
Vendor Statement
Nominum “Foundation” Authoritative Name Server (ANS) is not affected by this vulnerability. Also, Nominum “Foundation” Caching Name Server (CNS) is not affected by this vulnerability. Nominum’s commercial DNS server products, which are part of Nominum “Foundation” IP Address Suite, are not based on BIND and do not contain any BIND code, and so are not affected by vulnerabilities discovered in any version of BIND.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
3Com Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
AT&T Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Adns Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Aladdin Knowledge Systems Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Alcatel Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Apache Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Apache-SSL Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Avaya Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
BSDI Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
BlueCat Networks Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Check Point Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Cisco Systems Inc. Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Cistron Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Command Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Compaq Computer Corporation Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Computer Associates Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Covalent Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
CyberSoft Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
D-Link Systems Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Data Fellows Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Data General Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
F-Secure Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
F5 Networks Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Finjan Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
FreeRADIUS Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Fujitsu Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Funk Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
GFI Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
GNU glibc Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Hewlett-Packard Company Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
IPlanet Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Inner Cite Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Intel Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Interlink Networks Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Intersoft International Inc. Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Jkuo Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Juniper Networks Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
KTH Kerberos Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Lachman Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Lotus Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Lucent Technologies Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Macromedia Inc. Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Mei Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Men&Mice Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
MetaSolv Software Inc. Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
MiT Kerberos Development Team Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
NCFTP Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
NCSA Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
NEC Corporation Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
NeXT Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
NetSNMP Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Network Appliance Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Network Associates Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Nixu Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Nokia Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Open Group Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
OpenBSD Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Oracle Corporation Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
PSPL Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Process Software Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Putty Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
RADIUS Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
RADIUSClient Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
RSA Security Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Riverstone Networks Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
SGI Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
SSH Communications Security Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Sendmail Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Sequent Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
ShadowSupport Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Sony Corporation Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Sophos Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Sun Microsystems Inc. Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Symantec Corporation Unknown
Notified: November 12, 2002 Updated: April 01, 2003
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
The SCO Group (SCO Linux) Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
The SCO Group (SCO UnixWare) Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Threshold Networks Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Trend Micro Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
WU-FTPD Development Group Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Wind River Systems Inc. Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Wirex Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
XTRADIUS Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Xerox Corporation Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
Xi Graphics Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
YARD RADIUS Unknown
Notified: November 12, 2002 Updated: November 12, 2002
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23852283 Feedback>).
View all 102 vendors __View less vendors __
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
<http://www.secunia.com/advisories/9856/>
Acknowledgements
Thanks to ISS for reporting this vulnerability.
This document was written by Jason A Rafail.
Other Information
| CVE IDs: | CVE-2002-1219 |
|---|---|
| CERT Advisory: | CA-2002-31 Severity Metric: |
References
Related
