PT-2002-1131 · Isc · Isc Bind

Published 2002-11-21 · Updated 2008-09-10 · CVE-2002-0029

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

ISC BIND versions 4.9.2 through 4.9.10

Description

The issue is related to buffer overflows in the DNS stub resolver library, which can be triggered by remote attackers via DNS server responses. This can lead to the execution of arbitrary code on the system with the same privileges as the process that calls the affected function. The getnetbyname() and getnetbyaddr() functions are specifically vulnerable due to improper bounds checking of responses for network name and address requests.

Recommendations

For ISC BIND versions 4.9.2 through 4.9.10, consider updating to a version that includes the fix for the buffer overflow issue in the stub resolver library. As a temporary workaround, restrict access to the getnetbyname() and getnetbyaddr() functions to minimize the risk of exploitation.

Related Identifiers

CVE-2002-0029
DSA-196

Affected Products

Bind Server
Isc Bind