CVE-2002-0029 Information

Description

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 and other derived libraries such as BSD libc and GNU glibc allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname or (2) getnetbyaddr functions aka \LIBRESOLV: buffer overrun\ and a different vulnerability than CVE-2002-0684.

Reference

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://www.iss.net/security_center/static/10624.php http://www.kb.cert.org/vuls/id/844360 http://www.securityfocus.com/bid/6186