Oval Definition:
oval:org.mitre.oval:def:4190
Revision Date
:
2005-03-09
Version
:
16
Title
:
Buffer Overflow in DNS Resolver Library
Description
:
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2002-0651
Platform(s)
:
Sun Solaris 7
Product(s)
:
Bind
Definition Synopsis
Software section
Solaris 7,8,or 9 installed
Solaris 8 Installed
OR
Solaris 7 Installed
OR
Solaris 9 Installed
AND
NOT
Patch 106938-06 or later installed
AND
NOT
Patch 109326-09 or later installed
AND
NOT
Patch 112970-02 or later installed
AND
Configuration section
/etc/nsswitch.conf configured to resolve hosts through DNS
BACK