Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0400

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0400
Last Modified 10 Sep 2008 03:11:55
Published 18 Jun 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0400

Summary

ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.

Vulnerable Systems

Application

  • Isc Bind 9.0

  • Isc Bind 9.1

  • Isc Bind 9.1.1

  • Isc Bind 9.1.2

  • Isc Bind 9.1.3

  • Isc Bind 9.2


References

CERT-VN - VU#739123

CERT - CA-2002-15

BID - 4936

REDHAT - RHSA-2003:154

REDHAT - RHSA-2002:119

REDHAT - RHSA-2002:105

SUSE - SuSE-SA:2002:021

XF - bind-findtype-dos(9250)

CONFIRM - http://www.isc.org/index.pl?/sw/bind/bind-security.php

MANDRAKE - MDKSA-2002:038

CONECTIVA - CLA-2002:494

HP - HPSBUX0207-202

CALDERA - CSSA-2002-SCO.24


Last Updated: 27 May 2016 10:36:54