Hewlett-Packard Company Information for VU#803539
Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows
- Vendor Information Help Date Notified: 27 Jun 2002
- Statement Date:
- Date Updated: 15 Apr 2003
HEWLETT-PACKARD COMPANY SECURITY BULLETIN: HPSBUX0208-209
Originally issued: 12 Aug 2002
reference id: VU#803539, SSRT2316
HP Published Security Bulletin HPSBUX0208-209 with solutions for HP9000 Series 700/800 running HP-UX releases 11.00 and 11.11 (11i) with products using DNS resolver libraries, including, but not limited to, BINDv920.INETSVCS-BIND.
This bulletin is available from the HP IT Resource Center page at: http://itrc.hp.com "Maintenance and Support" then "Support Information Digests" and then "hp security bulletins archive" search for bulletin HPSBUX0208-209.
reference id: VU#542971
describes a specific aspect of this vulnerability
as it affects the GNU libc library (glibc):
The glibc resolver used by HP Secure OS Software for Linux is vulnerable. Please see Hewlett-Packard Company Security Bulletin HPSBTL0207-053 for more information.
The vendor has not provided us with any further information regarding this vulnerability.
HP JetDirect print servers and LaserJet network printers are also affected. Please see HPSBUX0209-218/SSRT2345.
If you have feedback, comments, or additional information about this vulnerability, please send us email.