SGI Information for VU#325431
Queries to ISC BIND servers may disclose environment variables
- Vendor Information Help Date Notified: 03 Jan 2001
- Statement Date:
- Date Updated: 27 Apr 2001
Unknown. If you are the vendor named above, please contact us to update your status.
SGI's IRIX (tm) operating system contains base BIND 4.9.7 with SGI modifications. IRIX BIND 4.9.7 is vulnerable to buffer overflow in nslookupComplain(). Patches are forth coming and will be released with an advisory to http://www.sgi.com/support/security/ when available.
The vendor has not provided us with any further information regarding this vulnerability.
SGI has released an advisory regarding this vulnerability. For further information, please visit