search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups

Vulnerability Note VU#844360

Original Release Date: 2002-11-13 | Last Revised: 2003-04-24

Overview

The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 contains buffer overflows in code that handles responses for network name and address requests. Other resolver libraries derived from BIND 4 such as BSD libc, GNU glibc, and those used by System V UNIX systems may also be affected. An attacker could execute arbitrary code with the privileges of the application that made the request or cause a denial of service.

Description

A DNS stub resolver library provides an interface for network applications to make requests and receive responses from the domain name system. The BIND 4 resolver library (libresolv.a) contains several buffer overflows in the functions that handle responses for network name and address requests (getnetbyname(), getnetbyaddr()). While reading the answer portion of a DNS response, the functions copy data received from the network into inadequately sized buffers. A specially crafted DNS response could overflow the buffers, possibly injecting arbitrary code onto the stack.

ISC BIND 4.9.2 through 4.9.10 are vulnerable. DNS stub resolver libraries that are derived from BIND 4 may vulnerable, including BSD libc, GNU glibc, and resolvers used by System V UNIX systems. In addition, some network applications provide their own resolver functions which may use vulnerable code from BIND 4.

The buffer overflows described in this document are different than the network lookup vulnerability described in CA-2002-19/VU#542971/CAN-2002-0684.

When performing a DNS lookup, applications issue calls to resolver functions, at which point most applications dynamically load the relevant portion of the resolver library. Other applications are statically linked at compile time to include resolver functions. In order to use updated resolver code, dynamically linked process must be restarted, and statically linked binaries must be recompiled.

Impact

An attacker could execute arbitrary code with the privileges of the application that made the request or cause a denial of service. The attacker would need to control DNS responses, possibly by spoofing responses or gaining control of a DNS server.

Solution


Patch or Upgrade

Upgrade or apply a patch as specified by your vendor. Dynamically linked processes must be restarted and statically linked binaries must be recompiled and in order to use the fixed resolver libraries.


Local Caching DNS Server Not Effective

A local caching DNS server will not prevent malicious responses from reaching vulnerable stub resolvers.

Vendor Information

844360
 
Affected   Unknown   Unaffected

Apple Computer Inc.

Notified:  November 12, 2002 Updated:  February 25, 2003

Status

  Vulnerable

Vendor Statement

Affected Systems: Mac OS X and Mac OS X Server

Mitigating Factors: BIND is not enabled by default on Mac OS X or Mac OS X Server.

Apple is working on a software update to address this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

See Security Update 2002-11-21:

<http://www.apple.com/support/security/security_updates.html>

If you have feedback, comments, or additional information about this vulnerability, please send us email.

GNU glibc

Notified:  November 12, 2002 Updated:  January 16, 2003

Status

  Vulnerable

Vendor Statement

Version 2.3.1 of the GNU C Library is vulnerable. Earlier versions are also vulnerable. The following patch has been installed into the CVS sources, and should appear in the next version of the GNU C Library. This patch is also available from the following URL:

<http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/resolv/nss_dns/dns-network.c.diff?r1=1.17&r2=1.15&cvsroot=glibc>

2002-11-18  Roland McGrath  <roland@redhat.com>

        * resolv/nss_dns/dns-network.c (getanswer_r): In BYNAME case, search
        all aliases for one that matches the "<dotted-quad>.IN-ADDR.ARPA" form.
        Do the parsing inline instead of copying strings and calling
        inet_network, and properly skip all alias names not matching the form.

2002-11-14  Paul Eggert  <eggert@twinsun.com>

        * resolv/nss_dns/dns-network.c (getanswer_r): Check for buffer
        overflow when skipping the question part and when unpacking aliases.

===================================================================
RCS file: /cvs/glibc/libc/resolv/nss_dns/dns-network.c,v
retrieving revision 1.15
retrieving revision 1.17
diff -u -r1.15 -r1.17
--- libc/resolv/nss_dns/dns-network.c   2002/10/17 21:49:12     1.15
+++ libc/resolv/nss_dns/dns-network.c   2002/11/19 06:40:16     1.17
@@ -283,7 +283,15 @@

   /* Skip the question part.  */
   while (question_count-- > 0)
-    cp += __dn_skipname (cp, end_of_message) + QFIXEDSZ;
+    {
+      int n = __dn_skipname (cp, end_of_message);
+      if (n < 0 || end_of_message - (cp + n) < QFIXEDSZ)
+       {
+         __set_h_errno (NO_RECOVERY);
+         return NSS_STATUS_UNAVAIL;
+       }
+      cp += n + QFIXEDSZ;
+    }

   alias_pointer = result->n_aliases = &net_data->aliases[0];
   *alias_pointer = NULL;
@@ -344,64 +352,94 @@
              return NSS_STATUS_UNAVAIL;
            }
          cp += n;
-         *alias_pointer++ = bp;
-         n = strlen (bp) + 1;
-         bp += n;
-         linebuflen -= n;
-         result->n_addrtype = class == C_IN ? AF_INET : AF_UNSPEC;
-         ++have_answer;
+         if (alias_pointer + 2 < &net_data->aliases[MAX_NR_ALIASES])
+           {
+             *alias_pointer++ = bp;
+             n = strlen (bp) + 1;
+             bp += n;
+             linebuflen -= n;
+             result->n_addrtype = class == C_IN ? AF_INET : AF_UNSPEC;
+             ++have_answer;
+           }
        }
     }

   if (have_answer)
     {
-      char *tmp;
-      int len;
-      char *in, *cp, *rp, *wp;
-      int cnt, first_flag;
-
       *alias_pointer = NULL;
       switch (net_i)
        {
        case BYADDR:
-         result->n_name = result->n_aliases[0];
+         result->n_name = *result->n_aliases++;
          result->n_net = 0L;
-         break;
-       case BYNAME:
-         len = strlen (result->n_aliases[0]);
-         tmp = (char *) alloca (len + 1);
-         tmp[len] = 0;
-         wp = &tmp[len - 1];
-
-         rp = in = result->n_aliases[0];
-         result->n_name = ans;
-
-         first_flag = 1;
-         for (cnt = 0; cnt < 4; ++cnt)
-           {
-             char *startp;
+         return NSS_STATUS_SUCCESS;

-             startp = rp;
-             while (*rp != '.')
-               ++rp;
-             if (rp - startp > 1 || *startp != '0' || !first_flag)
-               {
-                 first_flag = 0;
-                 if (cnt > 0)
-                   *wp-- = '.';
-                 cp = rp;
-                 while (cp > startp)
-                   *wp-- = *--cp;
-               }
-             in = rp + 1;
-           }
-
-         result->n_net = inet_network (wp);
+       case BYNAME:
+         {
+           char **ap = result->n_aliases++;
+           while (*ap != NULL)
+             {
+               /* Check each alias name for being of the forms:
+                  4.3.2.1.in-addr.arpa         = net 1.2.3.4
+                  3.2.1.in-addr.arpa           = net 0.1.2.3
+                  2.1.in-addr.arpa             = net 0.0.1.2
+                  1.in-addr.arpa               = net 0.0.0.1
+               */
+               uint32_t val = 0;       /* Accumulator for n_net value.  */
+               unsigned int shift = 0; /* Which part we are parsing now.  */
+               const char *p = *ap; /* Consuming the string.  */
+               do
+                 {
+                   /* Match the leading 0 or 0[xX] base indicator.  */
+                   unsigned int base = 10;
+                   if (*p == '0' && p[1] != '.')
+                     {
+                       base = 8;
+                       ++p;
+                       if (*p == 'x' || *p == 'X')
+                         {
+                           base = 16;
+                           ++p;
+                           if (*p == '.')
+                             break; /* No digit here.  Give up on alias.  */
+                         }
+                       if (*p == '\0')
+                         break;
+                     }
+
+                   uint32_t part = 0; /* Accumulates this part's number.  */
+                   do
+                     {
+                       if (isdigit (*p) && (*p - '0' < base))
+                         part = (part * base) + (*p - '0');
+                       else if (base == 16 && isxdigit (*p))
+                         part = (part << 4) + 10 + (tolower (*p) - 'a');
+                       ++p;
+                     } while (*p != '\0' && *p != '.');
+
+                   if (*p != '.')
+                     break;    /* Bad form.  Give up on this name.  */
+
+                   /* Install this as the next more significant byte.  */
+                   val |= part << shift;
+                   shift += 8;
+                   ++p;
+
+                   /* If we are out of digits now, there are two cases:
+                      1. We are done with digits and now see "in-addr.arpa".
+                      2. This is not the droid we are looking for.  */
+                   if (!isdigit (*p) && !strcasecmp (p, "in-addr.arpa"))
+                     {
+                       result->n_net = val;
+                       return NSS_STATUS_SUCCESS;
+                     }
+
+                   /* Keep going when we have seen fewer than 4 parts.  */
+                 } while (shift < 32);
+             }
+         }
          break;
        }
-
-      ++result->n_aliases;
-      return NSS_STATUS_SUCCESS;
     }

   __set_h_errno (TRY_AGAIN);

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Hewlett-Packard Company

Notified:  November 12, 2002 Updated:  April 15, 2003

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

See: SSRT2270, SSRT2322/HPSBUX0303-209

<http://ftp.support.compaq.com/patches/.new/unix.shtml>

If you have feedback, comments, or additional information about this vulnerability, please send us email.

IBM

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Vulnerable

Vendor Statement

The AIX operating system is vulnerable to the named and DNS resolver issues in releases 4.3.3, 5.1.0 and 5.2.0. The following APARs are available:

AIX 4.3.3 APAR IY37088 (available)AIX 5.1.0 APAR IY37091 (available)AIX 5.2.0 APAR IY37289 (available)

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

ISC

Notified:  October 22, 2002 Updated:  November 13, 2002

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please reference the "LIBRESOLV: buffer overrun" section of the ISC BIND Vulnerabilities web page.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

MetaSolv Software Inc.

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Vulnerable

Vendor Statement

VU#844360 - Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups (VU#852283 - CAN-2002-1219 / VU#229595 - CAN-2002-1220 / VU#581682 - CAN-2002-1221/ VU#844360 - CAN-2002-0029) was addressed in Policy Services 4.2 Service Pack 1 efix 1. The vulnerability can be avoided by upgrading to Policy Services 4.2 Service Pack 1 efix 1 from MetaSolv Policy Services 4.1 and 4.2 (base). The efix includes all ISC sanctioned patches to BIND 8.2.6. to remedy this vulnerability. Please contact MetaSolv Global Customer Care supporthd@metasolv.com for assistance.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

NetBSD

Notified:  November 12, 2002 Updated:  February 25, 2003

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

<ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc>

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Openwall GNU/*/Linux

Notified:  November 12, 2002 Updated:  November 14, 2002

Status

  Vulnerable

Vendor Statement

BIND 4.9.10-OW2 includes the patch provided by ISC and thus has the two vulnerabilities affecting BIND 4 fixed. Previous versions of BIND 4.9.x-OW patches, if used properly, significantly reduced the impact of the "named" vulnerability. The patches are available at their usual location:

http://www.openwall.com/bind/

A patch against BIND 4.9.11 will appear as soon as this version is officially released, although it will likely be effectively the same as the currently available 4.9.10-OW2.

It hasn't been fully researched whether the resolver code in glibc, and in particular on Openwall GNU/*/Linux, shares any of the newly discovered BIND 4 resolver library vulnerabilities. Analysis is in progress.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

SGI

Notified:  November 12, 2002 Updated:  December 05, 2002

Status

  Vulnerable

Vendor Statement

Please see SGI Security Advisory 20021201-01-P.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Sun Microsystems Inc.

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Vulnerable

Vendor Statement

The Solaris DNS resolver library (libresolv(3LIB)) is affected by VU#844360 in the following supported versions of Solaris:

Solaris 2.6

Patches are being generated for all of the above releases. Sun will be publishing a Sun Alert for this issue at the following location shortly:

http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert%2F48818

The patches will be available from:

http://sunsolve.sun.com/securitypatch

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

The SCO Group

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

OpenLinux

<ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2002-059.0.txt>

UnixWare 7.1.1
<ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.2/CSSA-2003-SCO.2.txt>

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Xerox Corporation

Notified:  November 12, 2002 Updated:  April 24, 2003

Status

  Vulnerable

Vendor Statement

A response to this vulnerability is available from our web site: http://www.xerox.com/security.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

FreeBSD

Notified:  November 12, 2002 Updated:  November 14, 2002

Status

  Not Vulnerable

Vendor Statement

The FreeBSD libc resolver is not affected by the issues described in VU#844360.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

NcFTP Software

Updated:  December 05, 2002

Status

  Not Vulnerable

Vendor Statement

NcFTPd Server, NcFTP Client, and LibNcFTP are not affected. We do not use the getnetbyname() or getnetbyaddr() functions in our code.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

OpenBSD

Notified:  November 12, 2002 Updated:  November 14, 2002

Status

  Not Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

PADL Software

Notified:  November 14, 2002 Updated:  November 14, 2002

Status

  Not Vulnerable

Vendor Statement

I don't believe nss_ldap is vulnerable. We implement our own getnetby*() but it has nothing to do with the resolver library (except insofaras we support the BIND IRS).

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

AT&T

Notified:  November 12, 2002 Updated:  April 04, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Alcatel

Notified:  November 12, 2002 Updated:  February 25, 2003

Status

  Unknown

Vendor Statement

Following CERT advisory CA-2002-31 on security vulnerabilities in the ISC BIND implementation, Alcatel has conducted an immediate assessment to determine any impact this may have on our portfolio. A first analysis has shown that the following products (OmniSwitch 6600, 7700, 8800) may be impacted. Customers may wish to contact their support for more details. The security of our customers' networks is of highest priority for Alcatel. Therefore we continue to test our product portfolio against potential ISC BIND security vulnerabilities and will provide updates if necessary.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Avaya

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

BlueCat Networks

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Check Point

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Cisco Systems Inc.

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Computer Associates

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Conectiva

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Cray Inc.

Notified:  November 12, 2002 Updated:  November 14, 2002

Status

  Unknown

Vendor Statement

Cray Inc. may be vulnerable and has opened spr 723892 to investigate.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

D-Link Systems

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Data General

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Debian

Notified:  November 12, 2002 Updated:  February 26, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

F5 Networks

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

FreeRADIUS

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Fujitsu

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Funk Software

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

GNU adns

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Guardian Digital Inc.

Notified:  November 12, 2002 Updated:  April 04, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Intel

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Juniper Networks

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

KTH Kerberos

Notified:  November 14, 2002 Updated:  November 14, 2002

Status

  Unknown

Vendor Statement

Neither Heimdal nor KTH Kerberos 4 use getnetby*() directly.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Lotus Software

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Lucent Technologies

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

MandrakeSoft

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Men&Mice

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

MiT Kerberos Development Team

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Microsoft Corporation

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

MontaVista Software

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

NEC Corporation

Notified:  November 12, 2002 Updated:  April 04, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Network Appliance

Notified:  November 12, 2002 Updated:  April 04, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Nixu

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Nokia

Notified:  November 12, 2002 Updated:  November 13, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Nominum

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Nortel Networks

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Unknown

Vendor Statement

Nortel Networks is determining whether NetID or Optivity NMS are potentially affected by the vulnerabilities identified in CERT/CC Advisory CA-2002-31 and will update this Vendor Statement accordingly.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

OpenSSH

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

PuTTY

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Red Hat Inc.

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Sequent

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Sony Corporation

Notified:  November 12, 2002 Updated:  November 15, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

SuSE Inc.

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

The Open Group

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Trend Micro

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Trustix

Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

<http://www.trustix.net/errata/misc/2002/TSL-2002-0076-bind.asc.txt>

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Unisys

Notified:  November 12, 2002 Updated:  April 04, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Wind River Systems Inc.

Notified:  November 12, 2002 Updated:  November 12, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Wirex

Notified:  November 12, 2002 Updated:  November 13, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Xi Graphics

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

YARD RADIUS

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

djbdns

Notified:  November 12, 2002 Updated:  February 27, 2003

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

fetchmail

Notified:  November 14, 2002 Updated:  November 14, 2002

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

This vulnerability was reported by CERT/CC staff.

This document was written by Art Manion.

Other Information

CVE IDs: CVE-2002-0029
CERT Advisory: CA-2002-31
Severity Metric: 8.91
Date Public: 2002-11-12
Date First Published: 2002-11-13
Date Last Updated: 2003-04-24 04:14 UTC
Document Revision: 22

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.