A remote attacker could execute arbitrary commands on any
machine running any application which uses a vulnerable
version of the DNS resolver library.

Many applications use the Domain Name Service (DNS) to
translate host names (such as host.domain.com)
to IP addresses which are used to route traffic across
the network. Applications which use DNS usually use a
resolver library, which is a common set of code used
by various applications to perform the DNS resolution

A buffer overflow in both the BIND DNS resolver library and
the BSD DNS resolver library could allow a remote attacker
to execute arbitrary commands. Any application which uses
either of these two resolver libraries is affected.
BIND versions 4.8.3 through 4.9.8, versions 8.0 through
8.2.5, versions 8.3 through 8.3.2, and versions 9.2.0
and 9.2.1 are affected by this vulnerability.
But it is important to understand that, even though
this vulnerability is checked only in DNS servers,
any application which uses a vulnerable resolver
library is affected.
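
The affected ranges above can be checked against collected version banners. This is an added example, not part of the original advisory or of any scanner; the banner strings and host names are constructed, and treating "8.0" and "8.3" as 8.0.0 and 8.3.0 is an assumption.

```python
import re

# Affected BIND ranges exactly as listed in the advisory text (inclusive).
# Assumption: "8.0" and "8.3" are read as 8.0.0 and 8.3.0.
AFFECTED_RANGES = [
    ((4, 8, 3), (4, 9, 8)),
    ((8, 0, 0), (8, 2, 5)),
    ((8, 3, 0), (8, 3, 2)),
    ((9, 2, 0), (9, 2, 1)),
]

# First dotted number in the banner; suffixes such as -REL, -P5, rc1 are ignored.
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+))?")


def parse_bind_version(banner):
    """Return (major, minor, patch), or None if the banner carries no version."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_affected(banner):
    """True/False for a parsed version; None when the version is hidden."""
    version = parse_bind_version(banner)
    if version is None:
        return None
    return any(lo <= version <= hi for lo, hi in AFFECTED_RANGES)


def scan_inventory(inventory):
    """Map each host to 'affected', 'not listed' or 'unknown'."""
    labels = {True: "affected", False: "not listed", None: "unknown"}
    return {host: labels[is_affected(banner)] for host, banner in inventory.items()}


if __name__ == "__main__":
    # Constructed sample banners, as a version.bind query or `named -v` might show.
    sample = {
        "ns1.example.test": "8.2.2-P5",
        "ns2.example.test": "named 8.3.3-REL",
        "ns3.example.test": "BIND 9.2.1",
        "ns4.example.test": "version withheld",
    }
    for host, verdict in scan_inventory(sample).items():
        print(f"{host}: {verdict}")
```

A "not listed" result covers only the BIND server version on that host; applications linked against a vulnerable resolver library, including statically-linked ones, still need to be checked separately.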
A similar but separate vulnerability affects BIND 4.9.2

These vulnerabilities were announced in
CERT Advisory 2002-19 and
US-CERT Vulnerability Note VU#844360 (http://www.kb.cert.org/vuls/id/844360).

Install a fixed version of the resolver library from your
vendor when it becomes available. Note that fixing the
library alone will not be sufficient to fix statically-linked
programs. Such programs will need to be recompiled. For
more information, consult the vendor of the particular

Upgrade BIND to version 4.9.11, 8.3.4, or 9.2.2 when
it becomes available. If 9.2.2 is not available, BIND 9
users should use the resolver library from BIND 8.3.3 or

Low Attack Complexity, Partial Confidentiality Impact, Partial Integrity Impact, Complete Availability Impact