CVE-2002-0029

2002-11-2905:00:00

Debian Security Bug Tracker

security-tracker.debian.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.936 High

EPSS

Percentile

99.1%

JSON

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka “LIBRESOLV: buffer overrun” and a different vulnerability than CVE-2002-0684.

OSVersionArchitecturePackageVersionFilename
Debian12allbind9< 1:9.18.19-1~deb12u1bind9_1:9.18.19-1~deb12u1_all.deb
Debian11allbind9< 1:9.16.44-1~deb11u1bind9_1:9.16.44-1~deb11u1_all.deb
Debian10allbind9< 1:9.11.5.P4+dfsg-5.1+deb10u7bind9_1:9.11.5.P4+dfsg-5.1+deb10u7_all.deb
Debian999allbind9< 1:9.19.21-1bind9_1:9.19.21-1_all.deb
Debian13allbind9< 1:9.19.21-1bind9_1:9.19.21-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	bind9	< 1:9.18.19-1~deb12u1	bind9_1:9.18.19-1~deb12u1_all.deb
Debian	11	all	bind9	< 1:9.16.44-1~deb11u1	bind9_1:9.16.44-1~deb11u1_all.deb
Debian	10	all	bind9	< 1:9.11.5.P4+dfsg-5.1+deb10u7	bind9_1:9.11.5.P4+dfsg-5.1+deb10u7_all.deb
Debian	999	all	bind9	< 1:9.19.21-1	bind9_1:9.19.21-1_all.deb
Debian	13	all	bind9	< 1:9.19.21-1	bind9_1:9.19.21-1_all.deb