CVE

Id
5074  
CVE No.
CVE-2002-0684  
Status
Candidate  
Description
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.  
Phase
Modified (20040818)  
Votes
ACCEPT(5) Baker, Cole, Foat, Green, Wall | MODIFY(2) Cox, Frech | NOOP(1) Christey  
Comments
Cox> RHSA-2002:133 is CVE-2002-0651 not this one, ADDREF:RHSA-2002:167 | Christey> HP:HPSBUX0209-218 | URL:http://archives.neohapsis.com/archives/hp/2002-q3/0087.html | Frech> XF:dns-resolver-lib-bo(9432) | Christey> DELREF REDHAT:RHSA-2002:133 | Christey> DELREF REDHAT:RHSA-2002:133  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
26643 5074 CVE-2002-0684 REDHAT:RHSA-2002:139  View
26644 5074 CVE-2002-0684 URL:http://rhn.redhat.com/errata/RHSA-2002-139.html  View
26645 5074 CVE-2002-0684 BUGTRAQ:20020704 Re: Remote buffer overflow in resolver code of libc  View
26646 5074 CVE-2002-0684 URL:http://marc.info/?l=bugtraq&m=102581482511612&w=2  View
26647 5074 CVE-2002-0684 SUSE:SuSE-SA:2002:026  View
26648 5074 CVE-2002-0684 CERT:CA-2002-19  View
26649 5074 CVE-2002-0684 CERT-VN:VU#542971  View
26650 5074 CVE-2002-0684 URL:http://www.kb.cert.org/vuls/id/542971  View
26651 5074 CVE-2002-0684 MANDRAKE:MDKSA-2002:050  View
26652 5074 CVE-2002-0684 URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php  View
26653 5074 CVE-2002-0684 CONECTIVA:CLSA-2002:507  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63813 JVNDB-2002-000140 BIND の DNS リゾルバ機能におけるバッファオーバーフローの脆弱性 ------------ CVE-2002-0684 5074 7.5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000140.html  View