CVE-2002-0029 | Vulnerability Database | Aqua Security

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka LIBRESOLV: buffer overrun and a different vulnerability than CVE-2002-0684.

Affected Software

Name	Vendor	Start Version	End Version
Bind	Isc	4.9.2 (including)	4.9.2 (including)
Bind	Isc	4.9.3 (including)	4.9.3 (including)
Bind	Isc	4.9.4 (including)	4.9.4 (including)
Bind	Isc	4.9.5 (including)	4.9.5 (including)
Bind	Isc	4.9.6 (including)	4.9.6 (including)
Bind	Isc	4.9.7 (including)	4.9.7 (including)
Bind	Isc	4.9.8 (including)	4.9.8 (including)
Bind	Isc	4.9.9 (including)	4.9.9 (including)
Bind	Isc	4.9.10 (including)	4.9.10 (including)

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc
ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P
http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html
http://www.cert.org/advisories/CA-2002-31.html
http://www.isc.org/products/BIND/bind-security.html
http://www.iss.net/security_center/static/10624.php
http://www.kb.cert.org/vuls/id/844360
http://www.securityfocus.com/bid/6186

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0029
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html