Description
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
Products
- GNU glibc
- GNU glibc
- GNU glibc on x64
- GNU glibc 0.1
- GNU glibc 0.4.1
- GNU glibc 0.4
- GNU glibc 0.5
- GNU glibc 0.6
- GNU glibc 1.00
- GNU glibc 1.01
- GNU glibc 1.02
- GNU glibc 1.03
- GNU glibc 1.04
- GNU glibc 1.05
- GNU glibc 1.06.10
- GNU glibc 1.06.11
- GNU glibc 1.06.12
- GNU glibc 1.06.13
- GNU glibc 1.06.1
- GNU glibc 1.06.2
- GNU glibc 1.06.3
- GNU glibc 1.06.4
- GNU glibc 1.06.6
- GNU glibc 1.06.7
- GNU glibc 1.06.8
- GNU glibc 1.06.9
- GNU glibc 1.06
- GNU glibc 1.07.1
- GNU glibc 1.07.2
- GNU glibc 1.07.3
- GNU glibc 1.07.4
- GNU glibc 1.07.5
- GNU glibc 1.07.6
- GNU glibc 1.07
- GNU glibc 1.08.10
- GNU glibc 1.08.11
- GNU glibc 1.08.12
- GNU glibc 1.08.13
- GNU glibc 1.08.14
- GNU glibc 1.08.1
- GNU glibc 1.08.3
- GNU glibc 1.08.4
- GNU glibc 1.08.5
- GNU glibc 1.08.6
- GNU glibc 1.08.7
- GNU glibc 1.08.8
- GNU glibc 1.08.9
- GNU glibc 1.08
- GNU glibc 1.09.1
- GNU glibc 1.09.2
- GNU glibc 1.09.3
- GNU glibc 1.09.5
- GNU glibc 1.09
- GNU glibc 2.0.1
- GNU glibc 2.0.2
- GNU glibc 2.0.3
- GNU glibc 2.0.4
- GNU glibc 2.0.5
- GNU glibc 2.0.6
- GNU glibc 2.0
- GNU glibc 2.1.1.6
- GNU glibc 2.1.1
- GNU glibc 2.1.2
- GNU glibc 2.1.3.10
- GNU glibc 2.1.3
- GNU glibc 2.1.9
- GNU glibc 2.1
- GNU glibc 2.2.1
- GNU glibc 2.2.2
- GNU glibc 2.2.3
- GNU glibc 2.2.4
- GNU glibc 2.2.5
- GNU glibc 2.2
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2002-1146, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2002-1146 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References