Apple Computer Inc. Information for VU#844360

Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups



Vendor Statement

Affected Systems: Mac OS X and Mac OS X Server

Mitigating Factors: BIND is not enabled by default on Mac OS X or Mac OS X Server.

Apple is working on a software update to address this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



See Security Update 2002-11-21:


If you have feedback, comments, or additional information about this vulnerability, please send us email.