3004 matches found
CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary "read buffer...
CVE-2002-0651
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers...
ISC BIND < 4.9.5 Multiple DNS Resolver Functions Remote Overflow (deprecated)
Binary data 1008.prm...
ISC BIND 9 Multiple DNS Resolver Functions Remote Overflow
Binary data 1002.prm...
SOL3284 - Buffer overflows in stub resolver libraries - CAN-2002-0029
The vulnerability described in this article has been resolved, or does not affect any F5 products. There will be no further updates, unless new information is discovered...
Important: Red Hat Security Advisory: glibc security update
Updated glibc packages that fix a security flaw in the resolver as well as dlclose handling are now available. The GNU libc packages known as glibc contain the standard C libraries used by applications. A security audit of the glibc packages in Red Hat Enterprise Linux 2.1 found a flaw in the...
RHEL 2.1 : glibc (RHSA-2002:167)
Updated glibc packages are available which fix a buffer overflow in the XDR decoder and two vulnerabilities in the resolver functions. updated 8 aug 2002 Updated packages have been made available, as the original errata introduced a bug which could cause calloc to crash on 32-bit platforms when...
RHEL 2.1 : bind (RHSA-2002:119)
Version 9 of ISC BIND, prior to version 9.2.1, contained a denial of service DoS attack vulnerability. Various versions of the ISC BIND resolver libraries are vulnerable to a buffer overflow attack. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocol...
RHEL 2.1 : webalizer (RHSA-2002:255)
Updated Webalizer packages are available for Red Hat Linux Advanced Server 2.1 which fix an obscure buffer overflow bug in the DNS resolver code. Updated 13 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1...
Important: Red Hat Security Advisory: : : : Updated bind packages fix buffer overflow in resolver library
Updated BIND packages that fix a number of vulnerabilities are now available for Red Hat Linux on IBM iSeries and pSeries systems. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP...
ISC BIND < 4.9.5 DNS Resolver Functions Remote Overflow
The remote BIND server, according to its version number, is vulnerable to a remote buffer overflow within its resolver code. An attacker may be able to execute arbitrary code by having the remote DNS server make a request and send back a malicious DNS response with an invalid length field. C...
CVE-2002-2212
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed response...
CVE-2002-2213
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed...
CVE-2002-0029
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the 1 getnetbyname, or 2 getnetbyaddr functions, a...
CVE-2002-0029
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the 1 getnetbyname, or 2 getnetbyaddr functions, a...
CVE-2002-0029
CVE-2002-0029 concerns buffer overflows in the DNS stub resolver library used by ISC BIND (versions 4.9.2–4.9.10) and in derived libraries such as BSD libc and GNU glibc. The overflow occurs when processing certain DNS server responses that trigger the getnetbyname or getnetbyaddr code paths, all...
CVE-2002-0029
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the 1 getnetbyname, or 2 getnetbyaddr functions, a...
Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups
Overview The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 contains buffer overflows in code that handles responses for network name and address requests. Other resolver libraries derived from BIND 4 such as BSD libc, GNU glibc, and those used by System V UNIX systems may also be...
FreeBSD-SA-02:42.resolv
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:42.resolv Security Advisory The FreeBSD Project Topic: buffer overrun in resolver Category: core Module: libc Announced: 2002-11-12 Credits: KOZUKA Masahiro , Mark Andrew...
DEBIAN-CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary "read buffer...