MetaInfo Information for VU#803539

Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows



Vendor Statement

In response to DNS CERT advisory CA-2002-19, MetaInfo (a Check Point company) has developed Meta IP NG Feature Pack 1 Hot Fix 4. Hot Fix 4 uses BIND 8.2.6 which implements the fix for this security threat.
To ensure the highest level of security, MetaInfo recommends that ALL PREVIOUS RELEASES of Meta IP (Meta IP 4.x and all previous releases of Meta IP NG) be upgraded to the most current release.

Note: This Hot Fix is only compatible with the most current release, Meta IP NG Feature Pack 1. Since Meta IP 4.x has been transitioned to end of life, customers using any 4.x version of Meta IP will need to upgrade to Meta IP NG FP1 before downloading the Hot Fix.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.