Update: Buffer Overflows in Multiple DNS Resolver Libraries

A change has been made to CERT Advisory CA-2002-19. The workaround of using a local caching DNS server is not completely effective. Some malicious DNS responses can be cached, reconstructed, and passed on to systems that may have vulnerable DNS resolver libraries.

Affected systems are:

- Internet Software Consortium (ISC) Berkeley Internet Name Domain (BIND) DNS resolver library (libbind);- Berkeley Software Distribution (BSD) DNS resolver library (libc);- GNU DNS resolver library (glibc).

For more information, click here.

Join the newsletter!

Error: Please check your email address.

More about CERT AustraliaInternet Software Consortium

Show Comments

Market Place