Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-0029 | First vendor Publication | 2002-11-29 |
Vendor | Cve | Last vendor Modification | 2008-09-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0029 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for BIND HPSBUX00233 File : nvt/gb_hp_ux_HPSBUX00233.nasl |
2008-09-04 | Name : FreeBSD Ports: linux_base File : nvt/freebsd_linux_base.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
8330 | ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow A remote overflow exists in DNS stub resolver. The libresolv.a library fails to perform a bounds check on responses from the DNS server resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Red Hat Enterprise Linux DNS resolver buffer overflow attempt RuleID : 15963 - Revision : 6 - Type : OS-LINUX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_bf2e7483d3fa440d8c6e8f1f2f018818.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-196.nasl - Type : ACT_GATHER_INFO |
2004-08-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-383.nasl - Type : ACT_GATHER_INFO |
2003-09-29 | Name : It is possible to use the remote name server to execute arbitrary code on the... File : bind_stub_res.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:01:55 |
|
2024-02-01 12:01:19 |
|
2023-09-05 12:01:50 |
|
2023-09-05 01:01:11 |
|
2023-09-02 12:01:51 |
|
2023-09-02 01:01:11 |
|
2023-08-12 12:02:12 |
|
2023-08-12 01:01:11 |
|
2023-08-11 12:01:55 |
|
2023-08-11 01:01:12 |
|
2023-08-06 12:01:46 |
|
2023-08-06 01:01:12 |
|
2023-08-04 12:01:50 |
|
2023-08-04 01:01:11 |
|
2023-07-14 12:01:48 |
|
2023-07-14 01:01:12 |
|
2023-03-29 01:01:47 |
|
2023-03-28 12:01:17 |
|
2022-10-11 12:01:37 |
|
2022-10-11 01:01:05 |
|
2021-05-04 12:01:36 |
|
2021-04-22 01:01:44 |
|
2020-05-23 00:14:53 |
|
2016-04-26 12:05:11 |
|
2014-02-17 10:24:23 |
|
2014-01-19 21:21:36 |
|
2013-05-11 12:07:54 |
|