Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1219

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1219
Last Modified 10 Sep 2008 03:14:04
Published 29 Nov 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1219

Summary

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

Vulnerable Systems

Operating System

  • Freebsd 4.4

  • Freebsd 4.5

  • Freebsd 4.6

  • Freebsd 4.7

  • Openbsd 3.0

  • Openbsd 3.1

  • Openbsd 3.2

Application

  • Isc Bind 4.9.10

  • Isc Bind 4.9.5

  • Isc Bind 4.9.6

  • Isc Bind 4.9.7

  • Isc Bind 4.9.8

  • Isc Bind 4.9.9

  • Isc Bind 8.2

  • Isc Bind 8.2.1

  • Isc Bind 8.2.2

  • Isc Bind 8.2.3

  • Isc Bind 8.2.4

  • Isc Bind 8.2.5

  • Isc Bind 8.2.6

  • Isc Bind 8.3.0

  • Isc Bind 8.3.1

  • Isc Bind 8.3.2

  • Isc Bind 8.3.3


References

CERT-VN - VU#852283

CERT - CA-2002-31

CONFIRM - http://www.isc.org/products/BIND/bind-security.html

BUGTRAQ - 20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8]

ISS - 20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8

CONFIRM - http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F48818

XF - bind-sig-rr-bo(10304)

BID - 6160

MANDRAKE - MDKSA-2002:077

DEBIAN - DSA-196

CIAC - N-013

BUGTRAQ - 20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)

COMPAQ - SSRT2408

BUGTRAQ - 20021118 TSLSA-2002-0076 - bind

APPLE - 2002-11-21

CONECTIVA - CLA-2002:546

SGI - 20021201-01-P


Last Updated: 27 May 2016 10:37:14