7.5

CVE-2002-0684

Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGlibc Version <= 2.2.5
IscBind Version4.9.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.86% 0.922
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000507
http://rhn.redhat.com/errata/RHSA-2002-139.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=102581482511612&w=2
http://www.kb.cert.org/vuls/id/542971
US Government Resource
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php