5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.152 Low
EPSS
Percentile
95.9%
A remotely exploitable denial-of-service vulnerability exists in BIND. Based on recent reports, we believe this vulnerability is being actively exploited.
A remotely exploitable denial-of-service vulnerability exists in BIND 8.3.0 - 8.3.3. ISC’s description of this vulnerability states:
When constucting [sic] a response a NXDOMAIN response to a ENDS query with a large UDP size it is possible to trigger an assertion.
The BIND daemon will shut down. As a result, clients will not be able to connect to the service to resolve queries.
Apply a patch from your vendor. In the absence of a patch, you may wish to consider ISC’s recommendation, which is upgrading to “BIND 4.9.11, BIND 8.2.7, BIND 8.3.4 or preferably BIND 9.” Additionally, ISC indicates, “BIND 4 is officially deprecated. Only security fixes will be issued for BIND 4.”
Disable recursion if possible.
229595
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: November 12, 2002 Updated: February 26, 2003
Affected
Affected Systems: Mac OS X and Mac OS X Server with BIND versions 8.1, 8.2 to 8.2.6, and 8.3.0 to 8.3.3
Mitigating Factors: BIND is not enabled by default on Mac OS X or Mac OS X Server
This is addressed in Security Update 2002-11-21
<http://www.apple.com/support/security/security_updates.html>
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: February 24, 2003
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: December 09, 2002
Affected
The AIX operating system is vulnerable to the named and DNS resolver issues in releases 4.3.3, 5.1.0 and 5.2.0. Temporary patches will be available through an efix package by 11/22/2002 or before. The efix will be available at the following URL:
ftp://ftp.software.ibm.com/aix/efixes/security/dns_named_efix.tar.Z
In the interim, customers may want to implement the workarounds given in the Solutions section to limit their exposure.
The following APARs will be available in the near future:
AIX 4.3.3 APAR IY37088 (available approx 11/27/2002)
AIX 5.1.0 APAR IY37019 (available approx 12/18/2002)
AIX 5.2.0 APAR TBA (available approx TBA)
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Affected
Older releases (6.2, 7.0) of Red Hat Linux shipped with versions of BIND which may be vulnerable to these issues however a Red Hat security advisory in July 2002 upgraded all our supported distributions to BIND 9.2.1 which is not vulnerable to these issues.
All users who have BIND installed should ensure that they are running these updated versions of BIND.
<http://rhn.redhat.com/errata/RHSA-2002-133.html> Red Hat Linux
<http://rhn.redhat.com/errata/RHSA-2002-119.html> Advanced Server 2.1
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Updated: November 19, 2002
Affected
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
________________________________________________________________________
`OpenPKG Security Advisory The OpenPKG Project
<http://www.openpkg.org/security.html>
<http://www.openpkg.org>
[email protected] [email protected]
OpenPKG-SA-2002.011 15-Nov-2002
Package: bind, bind8
Vulnerability: denial of service, arbitrary code execution
OpenPKG Specific: no
Dependent Packages: none
Affected Releases: Affected Packages: Corrected Packages:
OpenPKG 1.0 <= bind-8.2.6-1.0.1 >= bind-8.2.6-1.0.2
OpenPKG 1.1 <= bind8-8.3.3-1.1.0 >= bind8-8.3.3-1.1.1
OpenPKG CURRENT <= bind8-8.3.3-2002082 >= bind8-8.3.3-20021114
Description:
The Internet Software Consortium (ISC) [1] has discovered or has been
notified of several bugs which can result in vulnerabilities of varying
levels of severity in BIND [2][3]. These problems include buffer overflows,
stack revealing, divide by zero, null pointer dereferencing, and more [4].
A subset of these vulnerabilities exist in the BIND packages distributed by
OpenPKG.
Please check whether you are affected by running “<prefix>/bin/rpm -qa |
grep bind”. If you have an affected version of the “bind” or “bind8” package
(see above), upgrade it according to the solution below.
Workaround:
Because disabling recursion or disabling DNSSEC is a workaround to only a
subset of the aforementioned problems, it is not a recommended aproach.
Solution:
Since these vulnerabilities do not exist in BIND version 9.2.1, one solution
simply involves upgrading to it. The packages bind-9.2.1-1.1.0 in OpenPKG
1.1 [5], and bind-9.2.1-20021111 in OpenPKG CURRENT [6] are both candidates
in this respect. Be warned that although such later versions of BIND are
stable, there exist large differences between BIND 8 and BIND 9 software.
A lighter approach involves updating existing packages to newly patched
versions of BIND 8. Select the updated source RPM appropriate
for your OpenPKG release [7][8][9], and fetch it from the OpenPKG FTP service
or a mirror location. Verify its integrity [10], build a corresponding
binary RPM from it and update your OpenPKG installation by applying the
binary RPM [11]. For the latest OpenPKG 1.1 release, perform the following
operations to permanently fix the security problem (for other releases
adjust accordingly).
$ ftp ftp.openpkg.org
ftp> bin
ftp> cd release/1.1/UPD
ftp> get bind8-8.3.3-1.1.1.src.rpm
ftp> bye
$ <prefix>/bin/rpm -v --checksig bind8-8.3.3-1.1.1.src.rpm
$ <prefix>/bin/rpm --rebuild bind8-8.3.3-1.1.1.src.rpm
$ su -
References:
[1] <http://www.isc.org/>
[2] <http://www.isc.org/products/BIND/>
[3] <http://www.cert.org/advisories/CA-2002-31.html>
[4] <http://www.isc.org/products/BIND/bind-security.html>
[5] <ftp://ftp.openpkg.org/release/1.1/SRC/bind-9.2.1-1.1.0.src.rpm>
[6] <ftp://ftp.openpkg.org/current/SRC/bind-9.2.1-20021111.src.rpm>
[7] <ftp://ftp.openpkg.org/release/1.0/UPD/bind-8.2.6-1.0.2.src.rpm>
[8] <ftp://ftp.openpkg.org/release/1.1/UPD/bind8-8.3.3-1.1.1.src.rpm>
[9] <ftp://ftp.openpkg.org/current/SRC/bind8-8.3.3-20021114.src.rpm>
[10] <http://www.openpkg.org/security.html#signature>
[11] <http://www.openpkg.org/tutorial.html#regular-source>
For security reasons, this advisory was digitally signed with
the OpenPGP public key “OpenPKG <[email protected]>” (ID 63C4CB9F)
of the OpenPKG project which you can find under the official URL
<http://www.openpkg.org/openpkg.pgp>
or on <http://keyserver.pgp.com/>
. To
check the integrity of this advisory, verify its digital signature by
using GnuPG (<http://www.gnupg.org/>
). For example, pipe this message to
the command “gpg --verify --keyserver keyserver.pgp.com”.
-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <[email protected]>
iEYEARECAAYFAj3VOcwACgkQgHWT4GPEy5/vEACgmA+lr37ybByyTT7Q9ZBgzJAU
rvMAoOZMy6lDJryPLPg1NV+Wn21wE1qA
=gSdl
-----END PGP SIGNATURE-----`
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Updated: November 18, 2002
Affected
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- -------------------------------------------------------------------------- Trustix Secure Linux Security Advisory #2002-0076
Package name: bind Summary: Remote exploit Date: 2002-11-15 Affected versions: TSL 1.1, 1.2, 1.5
- -------------------------------------------------------------------------- Package description: BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS).
Problem description: ISS X-Force has found a number of problems in all BIND 8 series up to and including 8.2.6 and 8.3.3. Two of these can cause BIND to crash causing a denial of service attack, whereas the last can be used to execute arbitary code on the victim.
Action: We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.
Location: All TSL updates are available from <URI:``<http://www.trustix.net/pub/Trustix/updates/>``> <URI:``<ftp://ftp.trustix.net/pub/Trustix/updates/>``>
About Trustix Secure Linux: Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater.
Automatic updates: Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.
Get SWUP from: <URI:``<ftp://ftp.trustix.net/pub/Trustix/software/swup/>``>
Public testing: These packages have been available for public testing for some time. If you want to contribute by testing the various packages in the testing tree, please feel free to share your findings on the tsl-discuss mailinglist. The testing tree is located at <URI:``<http://www.trustix.net/pub/Trustix/testing/>``> <URI:``<ftp://ftp.trustix.net/pub/Trustix/testing/>``>
Questions? Check out our mailing lists: <URI:``<http://www.trustix.net/support/>``>
Verification: This advisory along with all TSL packages are signed with the TSL sign key. This key is available from: <URI:``<http://www.trustix.net/TSL-GPG-KEY>``>
The advisory itself is available from the errata pages at <URI:``<http://www.trustix.net/errata/trustix-1.2/>``> and <URI:``<http://www.trustix.net/errata/trustix-1.5/>``> or directly at <URI:``<http://www.trustix.net/errata/misc/2002/TSL-2002-0076-bind.asc.txt>``>
`MD5sums of the packages:
7ca823f5bdcda62354971ba527659f8f ./1.1/RPMS/bind-8.2.6-2tr.i586.rpm
97e22862a18c94181f004b2961474a61 ./1.1/RPMS/bind-devel-8.2.6-2tr.i586.rpm
1b3924c34061398f64906a41bc4e103e ./1.1/RPMS/bind-utils-8.2.6-2tr.i586.rpm
9b353d2f2beef989a4d34fa9fd04cc30 ./1.1/SRPMS/bind-8.2.6-2tr.src.rpm
979d763efbec95a6104b8df307a52ab2 ./1.2/RPMS/bind-8.2.6-2tr.i586.rpm
a219f2f92ea9f4cccb74c4ac9fcc8f69 ./1.2/RPMS/bind-devel-8.2.6-2tr.i586.rpm
cc97ab8e12caaff576063d150d7216e7 ./1.2/RPMS/bind-utils-8.2.6-2tr.i586.rpm
9b353d2f2beef989a4d34fa9fd04cc30 ./1.2/SRPMS/bind-8.2.6-2tr.src.rpm
aa38424ba1671b811aec3265e3764390 ./1.5/RPMS/bind-8.2.6-2tr.i586.rpm
74a18eed135150b64f62fb398d823175 ./1.5/RPMS/bind-devel-8.2.6-2tr.i586.rpm
74b1f15664668fcfa0da9b52f55d7745 ./1.5/RPMS/bind-utils-8.2.6-2tr.i586.rpm
9b353d2f2beef989a4d34fa9fd04cc30 ./1.5/SRPMS/bind-8.2.6-2tr.src.rpm
`
Trustix Security Team
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see ``<http://www.gnupg.org>``
iD8DBQE92NuHwRTcg4BxxS0RAraRAJ0Q+GDhIUUv0gbgv91q1ZmnFqkTHACfaRST KUB6bSTouOiksfknm0Mc/6I= =brw5 -----END PGP SIGNATURE-----
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Not Affected
MontaVista ships BIND 9, thus is not vulnerably to these advisories.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Updated: November 13, 2002
Not Affected
Nominum “Foundation” Authoritative Name Server (ANS) is not affected by this vulnerability. Also, Nominum “Foundation” Caching Name Server (CNS) is not affected by this vulnerability. Nominum’s commercial DNS server products, which are part of Nominum “Foundation” IP Address Suite, are not based on BIND and do not contain any BIND code, and so are not affected by vulnerabilities discovered in any version of BIND.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: May 30, 2003
Not Affected
A response to this advisory is available from our web site: <http://www.xerox.com/security>
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: February 25, 2003
Unknown
Following CERT advisory CA-2002-31 on security vulnerabilities in the ISC BIND implementation, Alcatel has conducted an immediate assessment to determine any impact this may have on our portfolio. A first analysis has shown that the following products (OmniSwitch 6600, 7700, 8800) may be impacted. Customers may wish to contact their support for more details. The security of our customers’ networks is of highest priority for Alcatel. Therefore we continue to test our product portfolio against potential ISC BIND security vulnerabilities and will provide updates if necessary.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: April 01, 2003
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
Notified: November 12, 2002 Updated: November 12, 2002
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23229595 Feedback>).
View all 101 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Internet Security Systems is credited for discovering this vulnerability.
This document was written by Ian A Finlay.
CVE IDs: | CVE-2002-1220 |
---|---|
CERT Advisory: | CA-2002-31 Severity Metric: |