IBM Information for VU#844360

Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups



Vendor Statement

The AIX operating system is vulnerable to the named and DNS resolver issues in releases 4.3.3, 5.1.0 and 5.2.0. The following APARs are available:

AIX 4.3.3 APAR IY37088 (available) AIX 5.1.0 APAR IY37091 (available) AIX 5.2.0 APAR IY37289 (available)

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.