Vulnerability Name: CVE-2002-0684 (CCN-9432) Assigned: 2002-06-27 Published: 2002-06-27 Updated: 2016-10-18 Summary: Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CCNOpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries UnixWare 7.1.1 : buffer overflow in DNS resolver DNS resolver vulnerability buffer overflow in resolver buffer overrun in libc/libresolv DNS resolver Buffer overrun in getnetbyname/getnetbyaddr HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service CVE-2002-0651 CVE-2002-0684 Resolver libraries vulnerabilities CLSA-2002:507 20020704 Re: Remote buffer overflow in resolver code of libc bind security update Updated bind packages fix buffer overflow in resolver library Updated glibc packages fix vulnerabilities in resolver RHSA-2002:139 glibc security update Updated bind packages fix buffer overflow in resolver library Updated glibc packages fix vulnerabilities Buffer Overflow in DNS Resolver Library (CA-2002-19) Buffer Overflow in Multiple DNS Resolver Libraries Buffer Overflow in Multiple Domain Name System (DNS) Libraries BIND Multiple vendors` Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups VU#542971 Multiple vendors` Domain Name System (DNS) stub resolvers vulnerable to buffer overflows MDKSA-2002:050 glibc several security-related updates. 007: SECURITY FIX: June 25, 2002 027: SECURITY FIX: June 25, 2002 025: SECURITY FIX: June 25, 2002 BIND Remote buffer overflow in resolver code of libc Multiple Vendor libc DNS Resolver Buffer Overflow Vulnerability bind dns-resolver-lib-bo(9432) Vulnerable Configuration: Configuration 1 :cpe:/a:gnu:glibc:*:*:*:*:*:*:*:* (Version <= 2.2.5)OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:* Configuration CCN 1 :cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:* OR cpe:/a:isc:bind:8.2:-:*:*:*:*:*:* OR cpe:/a:isc:bind:8.2:p1:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.1.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.1.2:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:* OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:* OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:* OR cpe:/a:isc:bind:4.9:*:*:*:-:*:*:* OR cpe:/a:isc:bind:4:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8:*:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.3:t1a:*:*:-:*:*:* OR cpe:/a:isc:bind:8.2.3:t9b:*:*:-:*:*:* AND cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:* OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:* OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.5:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:* OR cpe:/o:openbsd:openbsd:2.9:*:*:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.3:-:*:*:*:*:*:* OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:* OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:* OR cpe:/o:openbsd:openbsd:3.0:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.4:-:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:* OR cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:* OR cpe:/a:suse:suse_linux_firewall:*:*:*:*:*:*:*:* OR cpe:/a:suse:suse_linux_database_server:*:*:*:*:*:*:*:* OR cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:1.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:* OR cpe:/o:openbsd:openbsd:3.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.5:-:*:*:*:*:*:* OR cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:* OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:1.6:beta:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:* OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:pseries:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:iseries:* OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:* BACK
gnu glibc *
isc bind 4.9.8
hp hp-ux 10.20
isc bind 8.2
isc bind 8.2 p1
isc bind 8.2.1
isc bind 4.9.5
isc bind 4.9.5 p1
isc bind 4.9.6
isc bind 4.9.7
isc bind 8.1
isc bind 8.1.1
isc bind 8.1.2
isc bind 8.2.2
isc bind 8.2.2 p1
isc bind 8.3.2
isc bind 8.3.1
isc bind 8.3.0
isc bind 8.2.6
isc bind 8.2.5
isc bind 8.2.4
isc bind 8.2.3
isc bind 8.2.2 p7
isc bind 8.2.2 p5
isc bind 8.2.2 p3
isc bind 4.9.2
isc bind 4.9.3
isc bind 4.9.4
isc bind 4.9.8
isc bind 4.9.9
isc bind 4.9.10
isc bind 8.2.2 p6
isc bind 8.2.2 p4
isc bind 8.2.2 p2
isc bind 4.9
isc bind 4
isc bind 8
isc bind 8.2.3 t1a
isc bind 8.2.3 t9b
sun solaris 2.5.1
sun solaris 2.6
hp hp-ux 10.10
hp hp-ux 11.00
compaq tru64 4.0f
netbsd netbsd 1.4.1
sun solaris 8
redhat linux 6.2
freebsd freebsd 4.0
hp hp-ux 11.04
netbsd netbsd 1.4.2
mandrakesoft mandrake linux 7.1
trustix secure linux 1.1
redhat linux 7
netbsd netbsd 1.4
hp hp-ux 11.11
freebsd freebsd 4.1
mandrakesoft mandrake linux 7.2
netbsd netbsd 1.5
hp hp-ux 10.24
suse suse linux 7.0
compaq tru64 4.0g
conectiva linux 6.0
mandrakesoft mandrake linux corporate server 1.0.1
freebsd freebsd 4.2
suse suse linux 7.1
redhat linux 7.1
trustix secure linux 1.2
mandrakesoft mandrake linux 8.0
openbsd openbsd 2.9
mandrakesoft mandrake single network firewall 7.2
suse suse linux 7.2
freebsd freebsd 4.3 -
conectiva linux 7.0
trustix secure linux 1.5
netbsd netbsd 1.4.3
netbsd netbsd 1.5.1
compaq tru64 5.0a
compaq tru64 5.1
compaq tru64 5.1a
mandrakesoft mandrake linux 8.1
redhat linux 7.2
suse suse linux 7.3
openbsd openbsd 3.0
freebsd freebsd 4.4 -
netbsd netbsd 1.5.2
engardelinux secure linux -
suse suse linux firewall *
suse suse linux database server *
suse suse email server iii
openpkg openpkg 1.0
mandrakesoft mandrake linux 8.2
suse suse linux 8.0
conectiva linux 8.0
openbsd openbsd 3.1
redhat linux 7.3
freebsd freebsd 4.5 -
sun solaris 9
freebsd freebsd 4.6 -
netbsd netbsd 1.6 beta
hp hp-ux 11.22
netbsd netbsd current
redhat enterprise linux 2.1
sun solaris 7.0
redhat linux 7.1
redhat linux 7.1
mandrakesoft mandrake linux 8.0
mandrakesoft mandrake linux 8.1
mandrakesoft mandrake linux 8.2
Denotes that component is vulnerable