CVE-2002-2212 | Spoofing Vulnerability

Description

The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.

Products

ISC BIND 4.9.10
ISC BIND 4.9.10
ISC BIND 4.9.2
ISC BIND 4.9.2
ISC BIND 4.9.3
ISC BIND 4.9.3
ISC BIND 4.9.4
ISC BIND 4.9.4
ISC BIND 4.9.5
ISC BIND 4.9.5
ISC BIND 4.9.5 Patch 1
ISC BIND 4.9.5 Patch 1
ISC BIND 4.9.6
ISC BIND 4.9.6
ISC BIND 4.9.7
ISC BIND 4.9.7
ISC BIND 4.9.8
ISC BIND 4.9.8
ISC BIND 4.9.9
ISC BIND 4.9.9
ISC BIND 4.9
ISC BIND 4.9
ISC BIND 8.2.1
ISC BIND 8.2.1
ISC BIND 8.2.2
ISC BIND 8.2.2
ISC BIND 8.2.2
ISC BIND 8.2.2 Patch 1
ISC BIND 8.2.2 Patch 1
ISC BIND 8.2.2 Patch 2
ISC BIND 8.2.2 Patch 2
ISC BIND 8.2.2 Patch 3
ISC BIND 8.2.2 Patch 3
ISC BIND 8.2.2 Patch 4
ISC BIND 8.2.2 Patch 4
ISC BIND 8.2.2 Patch 5
ISC BIND 8.2.2 Patch 5
ISC BIND 8.2.2 Patch 6
ISC BIND 8.2.2 Patch 6
ISC BIND 8.2.2 Patch 7
ISC BIND 8.2.2 Patch 7
ISC BIND 8.2.3
ISC BIND 8.2.3
ISC BIND 8.2.3 T1a
ISC BIND 8.2.3 T1a
ISC BIND 8.2.3 T9b
ISC BIND 8.2.3 T9b
ISC BIND 8.2.4
ISC BIND 8.2.4
ISC BIND 8.2.5
ISC BIND 8.2.5
ISC BIND 8.2.6
ISC BIND 8.2.6
ISC BIND 8.2.7
ISC BIND 8.2.7
ISC BIND 8.2
ISC BIND 8.2
ISC BIND 8.2
ISC BIND 8.2 Patch 1
ISC BIND 8.2 Patch 1
ISC BIND 8.3.0
ISC BIND 8.3.0
ISC BIND 8.3.1
ISC BIND 8.3.1
ISC BIND 8.3.2
ISC BIND 8.3.2
ISC BIND 8.3.3
ISC BIND 8.3.3
ISC BIND 8.3.4
ISC BIND 8.3.4
Fujitsu UXP/V

Questions to Ask Vendors

Can you confirm whether your systems are affected by CVE-2002-2212, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2002-2212 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions

Check out the advisory links provided below.

References

https://nvd.nist.gov/vuln/detail/CVE-2002-2212

PUBLISHED DATE: December 31, 2002CVE-2002-2212:
Spoofing Vulnerability

CVSS:

EPSS:

Exploitability:

In KEV:

Description

Products

Questions to Ask Vendors

Recommended Actions

References

Ready to get results you can trust?