CVE-2002-0029
ISC BIND 4.9.2-4.9.10 - Remote Code Execution via DNS Stub Resolver Buffer Overflow
Title source: llmDescription
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
References (8)
Core 8
Core References
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10624.php
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2002-31.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6186
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/844360
Patch, Vendor Advisory x_refsource_confirm
http://www.isc.org/products/BIND/bind-security.html
Vendor Advisory vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P
Scores
EPSS
0.2185
EPSS Percentile
95.8%
Details
Status
published
Products (18)
astaro/security_linux
2.0.23
astaro/security_linux
2.0.24
astaro/security_linux
2.0.25
astaro/security_linux
2.0.26
astaro/security_linux
2.0.27
astaro/security_linux
2.0.30
astaro/security_linux
3.2.0
astaro/security_linux
3.2.10
astaro/security_linux
3.2.11
isc/bind
4.9.2
... and 8 more
Published
Nov 29, 2002
Tracked Since
Feb 18, 2026