Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2002-0029
HistoryNov 29, 2002 - 5:00 a.m.

CVE-2002-0029

2002-11-2905:00:00
[email protected]
web.nvd.nist.gov
313
2
cve-2002-0029
dns stub resolver
remote code execution
isc bind
buffer overflows
remote attackers.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.7 High

AI Score

Confidence

High

0.936 High

EPSS

Percentile

99.1%

JSON

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka “LIBRESOLV: buffer overrun” and a different vulnerability than CVE-2002-0684.

Affected configurations

NVD
Node
iscbindMatch4.9.2
OR
iscbindMatch4.9.3
OR
iscbindMatch4.9.4
OR
iscbindMatch4.9.5
OR
iscbindMatch4.9.6
OR
iscbindMatch4.9.7
OR
iscbindMatch4.9.8
OR
iscbindMatch4.9.9
OR
iscbindMatch4.9.10
Node
astarosecurity_linuxMatch2.0.23
OR
astarosecurity_linuxMatch2.0.24
OR
astarosecurity_linuxMatch2.0.25
OR
astarosecurity_linuxMatch2.0.26
OR
astarosecurity_linuxMatch2.0.27
OR
astarosecurity_linuxMatch2.0.30
OR
astarosecurity_linuxMatch3.2.0
OR
astarosecurity_linuxMatch3.2.10
OR
astarosecurity_linuxMatch3.2.11

Social References

More

Related

cvelist 2
nvd 2
debiancve 2
f5 2
nessus 8
redhat 1
cert 3
osv 1
openvas 4
securityvulns 1
cve 1
suse 1
freebsd 1
nmap 1
cvelist
cvelist
CVE-2002-0029
2002-11-21 05:00:00
CVE-2002-0684
2002-07-31 04:00:00
nvd
nvd
CVE-2002-0029
2002-11-29 05:00:00
CVE-2002-0684
2002-08-12 04:00:00
debiancve
debiancve
CVE-2002-0029
2002-11-29 05:00:00
CVE-2002-0684
2002-08-12 04:00:00
f5
f5
Buffer overflows in stub resolver libraries - CAN-2002-0029
2004-08-11 04:00:00
SOL3284 - Buffer overflows in stub resolver libraries - CAN-2002-0029
2004-08-10 00:00:00
nessus
nessus
RHEL 2.1 : glibc (RHSA-2004:383)
2004-08-05 00:00:00
ISC BIND < 4.9.11 stub resolver (libresolv.a) DNS Response Overflow
2003-09-29 00:00:00
Debian DSA-196-1 : bind - several vulnerabilities
2004-09-29 00:00:00
redhat
redhat
(RHSA-2004:383) glibc security update
2004-08-04 00:00:00
cert
cert
Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups
2002-11-13 00:00:00
Various DNS service implementations generate multiple simultaneous queries for the same resource record
2002-11-19 00:00:00
Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups
2002-08-01 00:00:00
osv
osv
bind - several vulnerabilities
2002-11-14 00:00:00
openvas
openvas
HP-UX Update for BIND HPSBUX00233
2009-05-05 00:00:00
HP-UX Update for BIND HPSBUX00233
2009-05-05 00:00:00
FreeBSD Ports: linux_base
2008-09-04 00:00:00
securityvulns
securityvulns
CERT Advisory CA-2002-31 Multiple Vulnerabilities in BIND
2002-11-14 00:00:00
cve
cve
CVE-2002-0684
2002-08-12 04:00:00
suse
suse
buffer overflow in bind, glibc
2002-07-10 20:26:06
freebsd
freebsd
linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-09-27 00:00:00
nmap
nmap
vulners NSE Script
2019-06-26 17:06:44

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.7 High

AI Score

Confidence

High

0.936 High

EPSS

Percentile

99.1%

JSON
Related for CVE-2002-0029
cvelist2nvd2debiancve2f52nessus8redhat1cert3osv1openvas4securityvulns1cve1suse1freebsd1nmap1