CVE

Id
5215  
CVE No.
CVE-2002-0825  
Status
Candidate  
Description
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.  
Phase
Proposed (20020830)  
Votes
ACCEPT(4) Baker, Cole, Cox, Foat | NOOP(2) Christey, Wall  
Comments
Christey> REDHAT:RHSA-2002:084 | Christey> REDHAT:RHSA-2002:084 | Christey> BUGTRAQ:20021013 GLSA: nss_ldap | | Need to determine if the nss_ldap-199 "read buffer overflow" | (basically an incomplete patch to this issue) should get | a different CAN. | Christey> MANDRAKE:MDKSA-2002:075 | Christey> CALDERA:CSSA-2002-058.0 | Christey> XF:nssldap-dns-query-dos(10578) | URL:http://www.iss.net/security_center/static/10578.php | BID:6130 | URL:http://www.securityfocus.com/bid/6130 | Christey> The Red Hat advisory suggests this is a format string issue, | not a buffer overflow. Also may need to mention the | pam_ldap module. | Christey> REDHAT:RHSA-2002:175  

Actions

Related CVE References

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63908 JVNDB-2002-000235 BIND のnss_ldap におけるバッファオーバーフローの脆弱性 ------------ CVE-2002-0825 5215 7.5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000235.html  View