Vulnerability Note VU#203611
inet_network() off-by-one buffer overflow
The inet_network() resolver function contains an off-by-one buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
The inet_network() function takes a character string representation for an internet address and returns the internet network number in integer form. inet_network() is implemented by various libbind, libc, and GNU libc versions. Applications that link against a vulnerable version of inet_network() may be vulnerable to a one-byte overflow.
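A bounded parser for the input format described above, as an added example that is not code from libbind, libc, or GNU libc: `checked_inet_network` is a hypothetical helper that checks the part count before every write into its fixed-size array, which is the kind of bound an off-by-one write slips past. It is deliberately strict and may reject inputs the library routine accepts; the sample strings in `main` are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NET_NONE  0xffffffffu  /* same value as INADDR_NONE */
#define MAX_PARTS 4

/* Hypothetical helper, not library code: accepts 1 to 4 dot-separated
 * parts, each decimal, octal (leading 0) or hex (0x) and at most 0xff. */
uint32_t checked_inet_network(const char *cp)
{
    uint32_t parts[MAX_PARTS], net = 0;
    size_t n = 0, i;
    if (cp == NULL)
        return NET_NONE;
    for (;;) {
        uint32_t val = 0, base = 10;
        int digits = 0;
        if (*cp == '0') { base = 8; digits = 1; cp++; }
        if (base == 8 && (*cp == 'x' || *cp == 'X')) { base = 16; digits = 0; cp++; }
        for (; isxdigit((unsigned char)*cp); cp++, digits++) {
            int c = tolower((unsigned char)*cp);
            uint32_t d = (uint32_t)(isdigit(c) ? c - '0' : c - 'a' + 10);
            if (d >= base || (val = val * base + d) > 0xff)
                return NET_NONE;      /* bad digit for base, or part > one byte */
        }
        if (!digits)
            return NET_NONE;          /* empty part: "", "1..2", "0x" */
        if (n >= MAX_PARTS)
            return NET_NONE;          /* bound is checked before every store */
        parts[n++] = val;
        if (*cp == '\0')
            break;
        if (*cp++ != '.')
            return NET_NONE;          /* anything other than '.' between parts */
    }
    for (i = 0; i < n; i++)
        net = (net << 8) | parts[i];
    return net;
}

int main(void)
{
    printf("%#x\n", (unsigned)checked_inet_network("192.168"));   /* constructed input */
    printf("%#x\n", (unsigned)checked_inet_network("1.2.3.4.5")); /* constructed input */
    return 0;
}
```

As with INADDR_NONE, the error value is indistinguishable from the result for "255.255.255.255".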
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service on a vulnerable system.
Apply an update
FreeBSD libc - Apply the patch in FreeBSD Security Advisory FreeBSD-SA-08:02.libc.
GNU libc - This issue was resolved on February 11, 2000 in the main (diff) and glibc 2.1 (diff) branches.
libbind - This issue will be resolved in libbind 9.3.5, 9.4.3, 2.5.0b2, or later. A patch is also available in the ISC Advisory.
If you are a vendor and your product is affected, let us know.
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| FreeBSD, Inc. | Affected | 17 Jan 2008 | 25 Jan 2008 |
| GNU glibc | Affected | 17 Jan 2008 | 25 Jan 2008 |
| OpenBSD | Affected | 17 Jan 2008 | 21 Jan 2008 |
| Apple Computer, Inc. | Not Affected | 17 Jan 2008 | 25 Jan 2008 |
| BlueCat Networks, Inc. | Not Affected | 17 Jan 2008 | 28 Apr 2008 |
| Hewlett-Packard Company | Not Affected | 17 Jan 2008 | 31 Jan 2008 |
| Infoblox | Not Affected | 17 Jan 2008 | 31 Jan 2008 |
| Ingrian Networks, Inc. | Not Affected | 17 Jan 2008 | 29 Jan 2008 |
| Mandriva, Inc. | Not Affected | 17 Jan 2008 | 21 Jan 2008 |
| Microsoft Corporation | Not Affected | 17 Jan 2008 | 18 Jan 2008 |
| CentOS | Unknown | 17 Jan 2008 | 17 Jan 2008 |
| Check Point Software Technologies | Unknown | 17 Jan 2008 | 17 Jan 2008 |
| Conectiva Inc. | Unknown | 17 Jan 2008 | 17 Jan 2008 |
| Cray Inc. | Unknown | 17 Jan 2008 | 17 Jan 2008 |
| Debian GNU/Linux | Unknown | 17 Jan 2008 | 21 Jan 2008 |
Thanks to Mark Andrews of ISC for reporting this vulnerability.
This document was written by Will Dormann.
10 Dec 2007
Date First Published: 25 Jan 2008
Date Last Updated: 28 Apr 2008
If you have feedback, comments, or additional information about this vulnerability, please send us email.