CVE-2002-0684
 
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
Desbordamiento de búfer en las funciones de resolución de DNS que buscan nombres de red y direcciones, como en BIND 4.9.8 y glibc 2.2.5 y anteriores, permiten que servidores DNS remotos ejecuten código arbitrario por medio de una subrutina usada por funciones tales como getnetbyname y getnetbyaddr.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-07-11 CVE Reserved
- 2002-07-31 CVE Published
- 2024-06-30 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=bugtraq&m=102581482511612&w=2 | Mailing List | |
http://www.kb.cert.org/vuls/id/542971 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2002-139.html | 2016-10-18 |
URL | Date | SRC |
---|---|---|
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000507 | 2016-10-18 | |
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php | 2016-10-18 | |
https://access.redhat.com/security/cve/CVE-2002-0684 | 2003-06-26 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1616795 | 2003-06-26 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Gnu Search vendor "Gnu" | Glibc Search vendor "Gnu" for product "Glibc" | <= 2.2.5 Search vendor "Gnu" for product "Glibc" and version " <= 2.2.5" | - |
Affected
| ||||||
Isc Search vendor "Isc" | Bind Search vendor "Isc" for product "Bind" | 4.9.8 Search vendor "Isc" for product "Bind" and version "4.9.8" | - |
Affected
|