Vulnerability Name:

CVE-2002-1146 (CCN-10295)

Assigned:2002-10-01
Published:2002-10-01
Updated:2008-09-10
Summary:The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-02:42.resolv
buffer overrun in resolver

Source: NETBSD
Type: UNKNOWN
NetBSD-SA2002-015

Source: CCN
Type: Full-Disclosure Mailing List, Tue Oct 08 2002 - 00:26:19 CDT
(another) buffer overrun in libc/libresolv DNS resolver

Source: MITRE
Type: CNA
CVE-2002-1146

Source: CONECTIVA
Type: UNKNOWN
CLA-2002:535

Source: CCN
Type: Conectiva Linux Announcement CLSA-2002:535
Fix for several vulnerabilities and daylight saving time for Brazil

Source: CCN
Type: RHSA-2002-197
Updated glibc packages fix vulnerabilities in resolver

Source: CCN
Type: RHSA-2003-022
glibc security update

Source: CCN
Type: RHSA-2003-212
Updated glibc packages fix vulnerabilities

Source: CCN
Type: Internet Software Consortium Web site
BIND

Source: XF
Type: Vendor Advisory
dns-resolver-lib-read-bo(10295)

Source: CCN
Type: US-CERT VU#738331
Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#738331

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20021003-021
several security-related updates.

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2004:009

Source: REDHAT
Type: UNKNOWN
RHSA-2002:197

Source: REDHAT
Type: UNKNOWN
RHSA-2002:258

Source: REDHAT
Type: UNKNOWN
RHSA-2003:022

Source: REDHAT
Type: UNKNOWN
RHSA-2003:212

Source: XF
Type: UNKNOWN
dns-resolver-lib-read-bo(10295)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:glibc:*:*:*:*:*:*:*:* (Version <= 2.2.5)

    • Configuration CCN 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:8.2:-:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4:*:*:*:-:*:*:*
  • AND
  • cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.3:-:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.4:-:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.5:-:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:pseries:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:iseries:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6.2:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    gnu glibc *
    hp hp-ux 10.20
    isc bind 8.2
    isc bind 4.9.5
    isc bind 4.9.5 p1
    isc bind 4.9.6
    isc bind 4.9.7
    gnu glibc 2.2.5
    isc bind 4.9.2
    isc bind 4.9.3
    isc bind 4.9.4
    isc bind 4.9.8
    isc bind 4.9.9
    isc bind 4.9.10
    isc bind 4.9
    isc bind 4
    sun solaris 2.6
    hp hp-ux 10.10
    hp hp-ux 11.00
    netbsd netbsd *
    debian debian linux *
    suse suse linux *
    sun solaris 8
    redhat linux 6.2
    freebsd freebsd 4.0
    hp hp-ux 11.04
    redhat linux 7
    freebsd freebsd 4.1.1
    hp hp-ux 11.11
    freebsd freebsd 4.1
    hp hp-ux 10.24
    conectiva linux 6.0
    freebsd freebsd 4.2
    ibm aix 5.1
    redhat linux 7.1
    freebsd freebsd 4.3 -
    conectiva linux 7.0
    ibm aix 4.3.3
    redhat linux 7.2
    freebsd freebsd 4.4 -
    engardelinux secure linux -
    conectiva linux 8.0
    redhat linux 7.3
    freebsd freebsd 4.5 -
    sun solaris 9
    freebsd freebsd 4.6 -
    freebsd freebsd 4.6.1
    hp hp-ux 11.22
    mandrakesoft mandrake linux 9.0
    mandrakesoft mandrake multi network firewall 8.2
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    sun solaris 7.0
    redhat linux advanced workstation 2.1
    redhat linux 7.1
    redhat linux 7.1
    mandrakesoft mandrake linux corporate server 2.1
    freebsd freebsd 4.6.2 -