ISC BIND DNS Stub Resolver Library and Derived Libraries Arbitrary Code Execution Vulnerability

admin 2022-07-18 13:57:09 CNNVD Vulnerabilities Source: ZONE.CI Global Network

Vulnerability Details

ISC BIND DNS Stub Resolver Library and Derived Libraries Arbitrary Code Execution Vulnerability

  • CNNVD ID: CNNVD-200211-061
  • Severity: High
  • CVE ID: CVE-2002-0029
  • Vulnerability type: Buffer overflow
  • Published: 2002-11-29
  • Threat type: Remote
  • Updated: 2005-10-31
  • Vendor: astaro
  • Vulnerability source: This vulnerability...

Vulnerability Summary

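The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries (such as BSD libc and GNU glibc), contains a vulnerability. A remote attacker can execute arbitrary code via a DNS server response that triggers an overflow in the (1) getnetbyname or (2) getnetbyaddr function, also known as "LIBRESOLV: buffer overrun". This vulnerability is different from CVE-2002-0684.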

Vulnerability Advisory

ISC recommends that users upgrade to ISC BIND 9.2.1.

Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Fixes are not currently available; customers are advised to contact the vendor for further details regarding fix availability. Please see the referenced Avaya advisory at the following location for further details: http://support.avaya.com/jApple/CSS/jApple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=198529&PAGE=avaya.CSS.CSSLvl1Detail&executeTransaction=avaya.CSS.UsageUpdate()

HP has released a revised advisory (HPSBUX0212-233) to address this issue in affected HP-UX systems. Customers who are affected by this issue are advised to apply appropriate patches. Further information regarding obtaining and applying patches is available in the referenced advisory.

OpenPKG has released an advisory containing upgrades for this and other vulnerabilities. OpenPKG 1.0 users are advised to upgrade to the bind-8.2.6-1.0.2 package or later. OpenPKG 1.1 users are advised to upgrade to the bind8-8.3.3-1.1.1 package or later. OpenPKG CURRENT users are advised to upgrade to the bind8-8.3.3-20021114 package or later. bind-9.2.1-1.1.0 packages are also available for OpenPKG 1.1/CURRENT. Further details on obtaining and applying fixes can be found in the attached reference.

This issue is present in Astaro Security Linux versions prior to Up2Date 3.212. Up2Date 3.211 is the minimum version required for users to install Up2Date 3.212.

SGI has released an advisory, and advised vulnerable users to apply patch 4881 to execute the server in a chroot environment. This patch does not fix the vulnerability, but does limit the impact of exploitation. SGI has reported this vulnerability will be fixed in IRIX 6.5.19.

HP has released fixes for BIND running on HP-UX platforms. The HP advisory states that BIND 8.1.2 running on HP-UX is also vulnerable; however, this has not been confirmed.

SCO has released a security advisory (CSSA-2003-SCO.2). Information on obtaining and applying fixes can be gathered from the referenced advisory.

Sun has released an alert. Patches are available.

Xerox has announced that DocuPrint NPS/IPS series 8.0 firmware is affected by this issue. A patch is now installed automatically during the software installation procedure. Versions prior to 8.0 may also be affected if using custom configurations designed to implement DNS services.

IBM has released APARs to address this issue.

RedHat has released advisory RHSA-2004:383-05 and fixes dealing with this issue for RedHat Enterprise Linux platforms. Please see the referenced advisory for further information.

Advisory FLSA:1947 has been released for Fedora Legacy. Please see the attached advisory for details on obtaining and applying fixes.

SuSE has made advisory SUSE-SR:2004:002 available dealing with this issue. Please see the reference section for more information.

The following fixes are available:

IBM AIX 5.1

  • IBM IY37091 http://www-1.ibm.com/support/
IBM AIX 5.2
  • IBM IY37289 http://www-1.ibm.com/support/
HP HP-UX 10.10
HP HP-UX 10.20
HP HP-UX 11.0 4
HP HP-UX 11.0
HP HP-UX 11.11
GNU glibc 2.2.5
  • RedHat glibc-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-2.2.5-44.legacy.3.i386.rpm
  • RedHat glibc-2.2.5-44.legacy.3.i686.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-2.2.5-44.legacy.3.i686.rpm
  • RedHat glibc-common-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-common-2.2.5-44.legacy.3.i386.rpm
  • RedHat glibc-debug-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-debug-2.2.5-44.legacy.3.i386.rpm
  • RedHat glibc-debug-2.2.5-44.legacy.3.i686.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-debug-2.2.5-44.legacy.3.i686.rpm
  • RedHat glibc-debug-static-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-debug-static-2.2.5-44.legacy.3.i386.rpm
  • RedHat glibc-devel-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-devel-2.2.5-44.legacy.3.i386.rpm
  • RedHat glibc-profile-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-profile-2.2.5-44.legacy.3.i386.rpm
  • RedHat glibc-utils-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/glibc-utils-2.2.5-44.legacy.3.i386.rpm
  • RedHat nscd-2.2.5-44.legacy.3.i386.rpm (RedHat Linux 7.3) http://download.fedoralegacy.org/redhat/7.3/updates/i386/nscd-2.2.5-44.legacy.3.i386.rpm
Sun Solaris 2.6
  • Sun 105755-13 http://sunsolve.sun.com
Sun Solaris 2.6_x86
  • Sun 105756-13 http://sunsolve.sun.com
Compaq Tru64 4.0 f PK6 (BL17)
  • HP DUV40FB18-C0090600-16637-ES-20030129.tar (Patch Kit PK7 is a pre-requisite to this patch.) http://ftp.support.compaq.com/patches/public/unix/v4.0f/DUV40FB18-C0090600-16637-ES-20030129.tar

References

  • Source: CERT/CC Advisory: CA-2002-31. Name: CA-2002-31. Link: http://www.cert.org/advisories/CA-2002-31.HTML
  • Source: US-CERT Vulnerability Note: VU#844360. Name: VU#844360. Link: http://www.kb.cert.org/vuls/id/844360
  • Source: www.isc.org. Link: http://www.isc.org/products/BIND/bind-security.HTML
  • Source: BID. Name: 6186. Link: http://www.securityfocus.com/bid/6186
  • Source: XF. Name: bind-dns-libresolv-bo(10624). Link: http://www.iss.net/security_center/static/10624.php
  • Source: SGI. Name: 20021201-01-P. Link: ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P
  • Source: NETBSD. Name: NetBSD-SA2002-028. Link: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc
  • Source: Apple. Name: 2002-11-21. Link: http://lists.Apple.com/archives/Security-announce/2002/Nov/msg00000.HTML

Affected Entities

  • Astaro Security_linux:2.0.27  

Patches

    None available
