CVE-2002-0684

Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr...

CVE-2002-0684

Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr...

Important: Red Hat Security Advisory: : Updated bind packages fix buffer overflow in resolver library

Various versions of the ISC BIND resolver libraries are vulnerable to a buffer overflow attack. Updated BIND packages are now available to fix this issue. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which...

Important: Red Hat Security Advisory: glibc security update

Updated glibc packages are available which fix a buffer overflow in the XDR decoder and two vulnerabilities in the resolver functions. updated 8 aug 2002 Updated packages have been made available, as the original errata introduced a bug which could cause calloc to crash on 32-bit platforms when...

CVE-2002-0684

Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr...

CVE-2002-0684

CVE-2002-0684 describes a buffer overflow in the DNS resolver logic used by BIND 4.9.8 and ported to glibc 2.2.5 and earlier. The flaw occurs in resolver/DNS name resolution (getnetbyname/getnetbyaddr) and can allow a remote attacker sending crafted DNS responses to execute arbitrary code. Severa...

CVE-2002-0684

Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr...

Important: Red Hat Security Advisory: : Updated glibc packages fix vulnerabilities in resolver

Updated glibc packages are available to fix two vulnerabilities in the resolver functions. The glibc package contains standard libraries which are used by multiple programs on the system. A buffer overflow vulnerability has been found in the way the glibc resolver handles the resolution of networ...

Microsoft Windows domain name resolver service accepts responses from non-queried DNS servers by default

Overview Systems running Microsoft Windows 98, NT, Windows 2000, or Windows XP DNS resolvers accept DNS replies from any IP address, not just the ones being sent DNS requests. This may lead to domain information spoofing or DNS cache poisoning. Description Microsoft Windows systems use a caching...

CVE-2002-0651

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers...

DEBIAN-CVE-2002-0651

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers...

CVE-2002-0651

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers...

Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries

CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries Original release date: June 28, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Applications using vulnerable implementations of the Domain Name...

NetBSD Security Advisory 2002-006: buffer overrun in libc DNS resolver

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-006 ================================= Topic: buffer overrun in libc DNS resolver Version: NetBSD-current: source prior to June 26, 2002 NetBSD-1.6 beta:source prior to June 26, 2002 NetBSD-1.5.2: affected NetBSD-1.5.1: affected...

FreeBSD Security Advisory FreeBSD-SA-02:28.resolv

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:28.resolv Security Advisory The FreeBSD Project Topic: buffer overflow in resolver Category: core Module: libc Announced: 2002-06-26 Credits: Joost Pol [email protected]...

Remote buffer overflow in resolver code of libc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------------- Pine Internet Security Advisory ----------------------------------------------------------------------------- Advisory ID : PINE-CERT-20020601 Authors : Joost Pol...

Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows

Overview Buffer overflow vulnerabilities exists in the DNS stub resolver library used by BSD, ISC BIND, and GNU glibc. Other systems that use DNS resolver code derived from ISC BIND may also be affected. An attacker who is able to control DNS responses could exploit arbitrary code or cause a deni...

FreeBSD-SA-02:28.resolv

============================================================================= FreeBSD-SA-02:28.resolv Security Advisory The FreeBSD Project Topic: buffer overflow in resolver Category: core Module: libc Announced: 2002-06-26 Credits: Joost Pol Affects: All releases prior to and including...

CVE-2000-0335

The CVE-2000-0335 issue affects the resolver in glibc 2.1.3 , which uses predictable IDs. This design allows a local attacker to cause DNS query spoofing by manipulating IDs, undermining DNS query integrity. The vulnerability’s impact is described as the ability to spoof results, with a base CVSS...