-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

-----------------------------------------------------------------------------
Pine Internet Security Advisory
-----------------------------------------------------------------------------
Advisory ID  : PINE-CERT-20020601
Authors      : Joost Pol
Issue date   : 2002-06-25
Application  : Multiple
Version(s)   : Multiple
Platforms    : FreeBSD, OpenBSD, NetBSD, maybe more.
Availability : http://www.pine.nl/advisories/pine-cert-20020601.txt
-----------------------------------------------------------------------------

Synopsis

    There is a remote buffer overflow in the resolver code of libc.

Impact

    Serious.

    Exploitability will vary on application-specific issues.

Description

    There is a slight mistake in the resolver code of libc.

    This will allow an attacker-controlled DNS server to reply with a
    carefully crafted message to (for example) a gethostbyname request.

    This reply will trigger the buffer overflow.

Solution

    FreeBSD, NetBSD and OpenBSD CVS have been updated.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (SunOS)

iD8DBQE9GWfH0jbIKvNgu5MRAthDAKCBd18Ti5TH9Nts5LszRXfVJ+KXOwCfRDx0
rLNudIKentqTZeIXslcTi2c=
=xNWe
-----END PGP SIGNATURE-----