Slackware Information for VU#542971
Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 13 Aug 2002
Status
Affected
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
Slackware changelogs reflect patches to glibc libraries:
ftp://ftp.slackware.com/pub/slackware/slackware-current/ChangeLog.txt
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/ChangeLog.txt
Tue Jul 30 19:45:52 PDT 2002
...
(* Security fix *)
patches/packages/glibc-2.2.5-i386-3.tgz: Patched to fix a buffer overflow
in glibc's DNS resolver functions that look up network addresses.
Another workaround for this problem is to edit /etc/nsswtich.conf changing:
networks: files dns
to:
networks: files
(* Security fix *)
patches/packages/glibc-solibs-2.2.5-i386-3.tgz: Patched to fix a buffer
overflow in glibc's DNS resolver functions that look up network addresses.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.