Vulnerability CVE-2002-0029 - CERT Civis.Net

Vulnerability Name:

CVE-2002-0029 (CCN-10624)

Assigned:

2002-11-12

Published:

2002-11-12

Updated:

2008-09-10

Summary:

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: NETBSD
Type: UNKNOWN
NetBSD-SA2002-028

Source: CCN
Type: SGI Security Advisory 20021201-01-P
Multiple Vulnerabilities in BIND Name Service Daemon

Source: SGI
Type: UNKNOWN
20021201-01-P

Source: CCN
Type: NetBSD Security Advisory NetBSD-SA2002-028
Buffer overrun in getnetbyname/getnetbyaddr

Source: MITRE
Type: CNA
CVE-2002-0029

Source: APPLE
Type: UNKNOWN
2002-11-21

Source: CCN
Type: RHSA-2004-383
glibc security update

Source: CCN
Type: CERT Advisory CA-2002-31
Multiple Vulnerabilities in BIND

Source: CERT
Type: Patch, Third Party Advisory, US Government Resource
CA-2002-31

Source: CCN
Type: CIAC Information Bulletin N-013
ISC Remote Vulnerabilities in BIND4 and BIND8

Source: CCN
Type: CIAC Information Bulletin 0-196
"glibc" Buffer Overflow Vulnerabilities

Source: DEBIAN
Type: DSA-196
bind -- several vulnerabilities

Source: CCN
Type: Internet Software Consortium (ISC) Web site
Internet Software Consortium: BIND Vulnerabilities

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.isc.org/products/BIND/bind-security.html

Source: XF
Type: Vendor Advisory
bind-dns-libresolv-bo(10624)

Source: CCN
Type: US-CERT VU#844360
Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups

Source: CERT-VN
Type: US Government Resource
VU#844360

Source: CCN
Type: National Infrastructure Protection Center Advisory 02-009
"Multiple Vulnerabilities in ISC BIND versions 4 and 8"

Source: CCN
Type: OpenPKG-SA-2002.011
BIND

Source: BID
Type: UNKNOWN
6186

Source: CCN
Type: BID-6186
ISC BIND DNS Resolver Buffer Overflow Vulnerability

Source: CCN
Type: BID-7249
Multiple HP Tru64 C Library Vulnerabilities

Source: XF
Type: UNKNOWN
bind-dns-libresolv-bo(10624)

Source: SUSE
Type: SUSE-SR:2004:002
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*

Configuration 2:

cpe:/o:astaro:security_linux:2.0.23:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:2.0.24:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:2.0.25:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:2.0.26:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:2.0.27:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:2.0.30:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:3.2.0:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:3.2.10:*:*:*:*:*:*:*

OR cpe:/o:astaro:security_linux:3.2.11:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*

OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*

AND

cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20020029	V	CVE-2002-0029	2015-11-16
oval:org.debian:def:196	V	several vulnerabilities	2002-11-14