7.5
CVSSv2

CVE-2002-1219

Published: 29/11/2002 Updated: 03/05/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote malicious users to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

Affected Products

Vendor Product Versions
IscBind4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.3.0, 8.3.1, 8.3.2, 8.3.3
FreebsdFreebsd4.4, 4.5, 4.6, 4.7
OpenbsdOpenbsd3.0, 3.1, 3.2

Vendor Advisories

[Bind version 9, the bind9 package, is not affected by these problems] ISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND) BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet DNS is a vital Int ...