Vulnerability Name: CVE-2002-0651 (CCN-9432) Assigned: 2002-06-27 Published: 2002-06-27 Updated: 2017-10-10 Summary: Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CALDERACSSA-2002-SCO.39 OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries CSSA-2002-SCO.37 UnixWare 7.1.1 : buffer overflow in DNS resolver NetBSD-SA2002-006 DNS resolver vulnerability 20020701-01-I IY32746 buffer overflow in resolver buffer overrun in libc/libresolv DNS resolver Buffer overrun in getnetbyname/getnetbyaddr ESA-20020724-018 20020703 Buffer overflow and DoS i BIND HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service CVE-2002-0651 CVE-2002-0684 Resolver libraries vulnerabilities CLSA-2002:507 MDKSA-2002:038 20020626 Remote buffer overflow in resolver code of libc FreeBSD-SA-02:28 20020704 [OpenPKG-SA-2002.006] OpenPKG Security Advisory (bind) bind security update Updated bind packages fix buffer overflow in resolver library Updated glibc packages fix vulnerabilities in resolver RHSA-2002:139 glibc security update Updated bind packages fix buffer overflow in resolver library Updated glibc packages fix vulnerabilities Buffer Overflow in DNS Resolver Library (CA-2002-19) Buffer Overflow in Multiple DNS Resolver Libraries CA-2002-19 Buffer Overflow in Multiple Domain Name System (DNS) Libraries BIND dns-resolver-lib-bo(9432) Multiple vendors` Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups Multiple vendors` Domain Name System (DNS) stub resolvers vulnerable to buffer overflows VU#803539 MDKSA-2002:043 glibc several security-related updates. 007: SECURITY FIX: June 25, 2002 027: SECURITY FIX: June 25, 2002 025: SECURITY FIX: June 25, 2002 BIND Remote buffer overflow in resolver code of libc http://www.pine.nl/advisories/pine-cert-20020601.txt RHSA-2002:119 RHSA-2002:133 RHSA-2002:167 RHSA-2003:154 5100 Multiple Vendor libc DNS Resolver Buffer Overflow Vulnerability bind dns-resolver-lib-bo(9432) oval:org.mitre.oval:def:4190 Vulnerable Configuration: Configuration 1 :cpe:/a:isc:bind:9.4.0:*:*:*:-:*:*:* Configuration CCN 1 :cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:* OR cpe:/a:isc:bind:8.2:-:*:*:*:*:*:* OR cpe:/a:isc:bind:8.2:p1:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.1.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.1.2:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:* OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:* OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.3:t1a:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.3:t9b:*:*:-:*:*:* AND cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:* OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:* OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.5:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:* OR cpe:/o:openbsd:openbsd:2.9:*:*:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.3:-:*:*:*:*:*:* OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:* OR cpe:/o:openbsd:openbsd:3.0:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.4:-:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:* OR cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:* OR cpe:/a:suse:suse_linux_firewall:*:*:*:*:*:*:*:* OR cpe:/a:suse:suse_linux_database_server:*:*:*:*:*:*:*:* OR cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:1.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:* OR cpe:/o:openbsd:openbsd:3.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.5:-:*:*:*:*:*:* OR cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.6:beta:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:pseries:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:iseries:* OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:* Oval Definitions BACK
isc bind 9.4.0
hp hp-ux 10.20
isc bind 8.2
isc bind 8.2 p1
isc bind 8.2.1
isc bind 4.9.5
isc bind 4.9.5 p1
isc bind 4.9.6
isc bind 4.9.7
isc bind 8.1
isc bind 8.1.1
isc bind 8.1.2
isc bind 8.2.2
isc bind 8.2.2 p1
isc bind 8.3.2
isc bind 8.3.1
isc bind 8.3.0
isc bind 8.2.6
isc bind 8.2.5
isc bind 8.2.4
isc bind 8.2.3
isc bind 8.2.2 p7
isc bind 8.2.2 p5
isc bind 8.2.2 p3
isc bind 4.9.2
isc bind 4.9.3
isc bind 4.9.4
isc bind 4.9.8
isc bind 4.9.9
isc bind 4.9.10
isc bind 8.2.2 p6
isc bind 8.2.2 p4
isc bind 8.2.2 p2
isc bind 4.9
isc bind 4
isc bind 8
isc bind 8.2.3 t1a
isc bind 8.2.3 t9b
sun solaris 2.5.1
sun solaris 2.6
hp hp-ux 10.10
hp hp-ux 11.00
compaq tru64 4.0f
netbsd netbsd 1.4.1
sun solaris 8
redhat linux 6.2
freebsd freebsd 4.0
hp hp-ux 11.04
netbsd netbsd 1.4.2
mandrakesoft mandrake linux 7.1
trustix secure linux 1.1
redhat linux 7
netbsd netbsd 1.4
hp hp-ux 11.11
freebsd freebsd 4.1
mandrakesoft mandrake linux 7.2
netbsd netbsd 1.5
hp hp-ux 10.24
suse suse linux 7.0
compaq tru64 4.0g
conectiva linux 6.0
mandrakesoft mandrake linux corporate server 1.0.1
freebsd freebsd 4.2
suse suse linux 7.1
redhat linux 7.1
trustix secure linux 1.2
mandrakesoft mandrake linux 8.0
openbsd openbsd 2.9
mandrakesoft mandrake single network firewall 7.2
suse suse linux 7.2
freebsd freebsd 4.3 -
conectiva linux 7.0
trustix secure linux 1.5
netbsd netbsd 1.4.3
netbsd netbsd 1.5.1
compaq tru64 5.0a
compaq tru64 5.1
compaq tru64 5.1a
mandrakesoft mandrake linux 8.1
redhat linux 7.2
suse suse linux 7.3
openbsd openbsd 3.0
freebsd freebsd 4.4 -
netbsd netbsd 1.5.2
engardelinux secure linux -
suse suse linux firewall *
suse suse linux database server *
suse suse email server iii
openpkg openpkg 1.0
mandrakesoft mandrake linux 8.2
suse suse linux 8.0
conectiva linux 8.0
openbsd openbsd 3.1
redhat linux 7.3
freebsd freebsd 4.5 -
sun solaris 9
freebsd freebsd 4.6 -
netbsd netbsd 1.6 beta
hp hp-ux 11.22
netbsd netbsd current
redhat enterprise linux 2.1
sun solaris 7.0
redhat linux 7.1
redhat linux 7.1
mandrakesoft mandrake linux 8.0
mandrakesoft mandrake linux 8.1
mandrakesoft mandrake linux 8.2
Denotes that component is vulnerable