Rapid7 Vulnerability & Exploit Database

RHSA-2002:133: Updated bind packages fix buffer overflow in resolver library

Back to Search

RHSA-2002:133: Updated bind packages fix buffer overflow in resolver library

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
07/03/2002
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Various versions of the ISC BIND resolver libraries are vulnerable to a buffer overflow attack. Updated BIND packages are now available to fix this issue.

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and various tools. A buffer overflow vulnerability exists in multiple implementations of DNS resolver libraries. Applications that utilize vulnerable DNS resolver libraries may be affected. A remote attacker who is able to send malicious DNS responses could potentially exploit this vulnerability to execute arbitrary code or cause a denial of service on a vulnerable system. Red Hat Linux does not ship with any applications or libraries that link against the BIND resolver libraries; however, third party code may be affected. The updated bind packages included in this errata contain the patches from 8.3.3 which fix the buffer overflow applied (backported) to the 9.2.1 sources.

Solution(s)

  • redhat-upgrade-bind
  • redhat-upgrade-bind-devel
  • redhat-upgrade-bind-utils

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;