MDKSA-2002:043

Nom du paquet

bind

Date

2002-07-16

Advisory ID

MDKSA-2002:043

Affected versions

SNF7.2 i586 , 7.2 i586 , 7.1 i586 , CS1.0 i586

Problem description

A buffer overflow vulnerability exists in different implementations of the DNS resolver libraries. A remote attacker able to sent malicious DNS responses could potentially exploit this vulnerability to execute arbitrary code or cause a DoS (Denial of Service) on a vulnerable system. The named daemon itself is not vulnerable to this problem, but this latest version of bind 8 includes fixes to the DNS resolver libraries.

Updated packages

SNF7.2 i586

 85334842b02275f9ebea86821a9f4300  snf7.2/RPMS/bind-8.3.3-1.1mdk.i586.rpm
9f0803a609e9a734182850f966085ba3  snf7.2/RPMS/bind-utils-8.3.3-1.1mdk.i586.rpm
b1c2e58c7e36cb710211bede608d550d  snf7.2/SRPMS/bind-8.3.3-1.1mdk.src.rpm

7.2 i586

 85334842b02275f9ebea86821a9f4300  7.2/RPMS/bind-8.3.3-1.1mdk.i586.rpm
47e4c8afba3147f8035d8579d98764a1  7.2/RPMS/bind-devel-8.3.3-1.1mdk.i586.rpm
9f0803a609e9a734182850f966085ba3  7.2/RPMS/bind-utils-8.3.3-1.1mdk.i586.rpm
b1c2e58c7e36cb710211bede608d550d  7.2/SRPMS/bind-8.3.3-1.1mdk.src.rpm

7.1 i586

 295235c2046dd9ad552c329b3ce98023  7.1/RPMS/bind-8.3.3-1.1mdk.i586.rpm
e43df269df301b4025ccea2b7fc4fdb1  7.1/RPMS/bind-devel-8.3.3-1.1mdk.i586.rpm
ee0d687da7dc5c11f955e50074e60817  7.1/RPMS/bind-utils-8.3.3-1.1mdk.i586.rpm
b1c2e58c7e36cb710211bede608d550d  7.1/SRPMS/bind-8.3.3-1.1mdk.src.rpm

CS1.0 i586

 295235c2046dd9ad552c329b3ce98023  1.0.1/RPMS/bind-8.3.3-1.1mdk.i586.rpm
e43df269df301b4025ccea2b7fc4fdb1  1.0.1/RPMS/bind-devel-8.3.3-1.1mdk.i586.rpm
ee0d687da7dc5c11f955e50074e60817  1.0.1/RPMS/bind-utils-8.3.3-1.1mdk.i586.rpm
b1c2e58c7e36cb710211bede608d550d  1.0.1/SRPMS/bind-8.3.3-1.1mdk.src.rpm

References

• http://www.cert.org/advisories/CA-2002-19
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0651
• http://www.cert.org/advisories/284857