CVE-2002-1219

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

Desbordamiento de búfer en BIND versiones 4 anteriores a 4.9.10, y versiones 8 anteriores a 8.3.3, permite a atacantes remotos ejecutar código arbitrario mediante una cierta respuesta de servidor DNS conteniendo registros de recursos (RR) SIG.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2002-10-16 CVE Reserved
2002-11-29 CVE Published
2024-08-08 CVE Updated
2024-09-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (18)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=103713117612842&w=2	Mailing List
http://marc.info/?l=bugtraq&m=103763574715133&w=2	Mailing List
http://online.securityfocus.com/archive/1/300019	Mailing List
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F48818	X_refsource_confirm
http://www.cert.org/advisories/CA-2002-31.html	Third Party Advisory
http://www.ciac.org/ciac/bulletins/n-013.shtml	Government Resource
http://www.kb.cert.org/vuls/id/852283	Third Party Advisory
http://www.securityfocus.com/bid/6160	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/10304	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2539	Signature

URL	Date	SRC

URL	Date	SRC
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469	2018-05-03
http://www.isc.org/products/BIND/bind-security.html	2018-05-03

URL	Date	SRC
ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P	2018-05-03
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000546	2018-05-03
http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html	2018-05-03
http://online.securityfocus.com/advisories/4999	2018-05-03
http://www.debian.org/security/2002/dsa-196	2018-05-03
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php	2018-05-03

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				4.9.5 Search vendor "Isc" for product "Bind" and version "4.9.5"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				4.9.6 Search vendor "Isc" for product "Bind" and version "4.9.6"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				4.9.7 Search vendor "Isc" for product "Bind" and version "4.9.7"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				4.9.8 Search vendor "Isc" for product "Bind" and version "4.9.8"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				4.9.9 Search vendor "Isc" for product "Bind" and version "4.9.9"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				4.9.10 Search vendor "Isc" for product "Bind" and version "4.9.10"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2 Search vendor "Isc" for product "Bind" and version "8.2"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2.1 Search vendor "Isc" for product "Bind" and version "8.2.1"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2.2 Search vendor "Isc" for product "Bind" and version "8.2.2"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2.3 Search vendor "Isc" for product "Bind" and version "8.2.3"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2.4 Search vendor "Isc" for product "Bind" and version "8.2.4"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2.5 Search vendor "Isc" for product "Bind" and version "8.2.5"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.2.6 Search vendor "Isc" for product "Bind" and version "8.2.6"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.3.0 Search vendor "Isc" for product "Bind" and version "8.3.0"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.3.1 Search vendor "Isc" for product "Bind" and version "8.3.1"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.3.2 Search vendor "Isc" for product "Bind" and version "8.3.2"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				8.3.3 Search vendor "Isc" for product "Bind" and version "8.3.3"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				4.4 Search vendor "Freebsd" for product "Freebsd" and version "4.4"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				4.5 Search vendor "Freebsd" for product "Freebsd" and version "4.5"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				4.6 Search vendor "Freebsd" for product "Freebsd" and version "4.6"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				4.7 Search vendor "Freebsd" for product "Freebsd" and version "4.7"		-		Affected
Openbsd Search vendor "Openbsd"		Openbsd Search vendor "Openbsd" for product "Openbsd"				3.0 Search vendor "Openbsd" for product "Openbsd" and version "3.0"		-		Affected
Openbsd Search vendor "Openbsd"		Openbsd Search vendor "Openbsd" for product "Openbsd"				3.1 Search vendor "Openbsd" for product "Openbsd" and version "3.1"		-		Affected
Openbsd Search vendor "Openbsd"		Openbsd Search vendor "Openbsd" for product "Openbsd"				3.2 Search vendor "Openbsd" for product "Openbsd" and version "3.2"		-		Affected