CVE-2002-0651Improper Restriction of Operations within the Bounds of a Memory Buffer in Bind

7 documents7 sources
Severity
7.5HIGHNVD
EPSS
7.3%
top 8.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GNU GlibcISC Bind
Timeline
PublishedJul 3
Latest updateMay 3

Description

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debiangnu/glibc< 2.2.5-8+3
NVDisc/bind9.4.0

Patches

Patch: www.cert.orgPatch: www.cert.org

🔴Vulnerability Details

3
GHSA
GHSA-3hqp-jxgp-f6jm: Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a de2022-05-03
CVEList
CVE-2002-0651: Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a de2004-09-01
OSV
CVE-2002-0651: Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a de2002-07-03

📋Vendor Advisories

2
Red Hat
security flaw2002-06-26
Debian
CVE-2002-0651: glibc - Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as de...2002

💬Community

1
Bugzilla
CVE-2002-0651 security flaw2018-08-16
CVE-2002-0651 — ISC Bind vulnerability | cvebase