Wow, this sounds serious ...

2009/2/25, Jason Starks <[email protected]>:
> I'm going to say dnsmap isn't suid or sgid, and a segmentation fault can
> occur after triggering a simple programming error (you've shown no signs of
> code execution). Terrrrrrrific.
>
> On Wed, Feb 25, 2009 at 10:36 AM, srl <[email protected]> wrote:
>
>> Security Advisory:
>>
>> PRODUCT
>> ************
>> http://www.gnucitizen.org/blog/new-version-of-dnsmap-out/
>> http://www.gnucitizen.org/static/blog/2009/02/dnsmap-022.tar
>>
>> This is a great tool, used by the two pentesters, pagvac and pdp
>>
>> TECHNICAL DESCRIPTION
>> ********************************
>> A local buffer overflow exists in dnsmap 0.22.
>> $ dnsmap -r `perl -e 'print "A"x250'`
>> dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org)
>>
>> Segmentation fault
>>
>> SOLUTION
>> *************
>> Wait until pagvac learns about strncpy().
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
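The advisory boils down to a command-line argument being copied into a fixed-size buffer with no length check, and the suggested fix is strncpy(). The C below is an added example written for this thread, not dnsmap's code: the buffer size DOMAIN_BUF_LEN and the function names are assumptions. It shows the check a maintainer would actually want (reject an argument that does not fit rather than truncate it) next to the strncpy() pattern, including the NUL-termination step that strncpy() itself omits, and it drives both with a constructed 250-byte input like the one in the advisory.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Size of the fixed buffer that receives the -r argument. This is an assumed
 * value for the example, not the buffer size in dnsmap's source. */
#define DOMAIN_BUF_LEN 64

/* Bounded copy that refuses oversized input. Returns true when src fit into
 * dst (dst is then NUL-terminated); false when src is dst_len bytes or longer,
 * in which case dst is left as an empty string. Rejecting beats silently
 * truncating: a truncated domain name would be a different target. */
bool copy_domain_bounded(char *dst, size_t dst_len, const char *src)
{
    if (dst_len == 0)
        return false;
    /* Length scan stops at dst_len, so an arbitrarily long argument cannot
     * make the check itself read past anything. */
    size_t n = 0;
    while (n < dst_len && src[n] != '\0')
        n++;
    if (n >= dst_len) {
        dst[0] = '\0';
        return false;
    }
    memcpy(dst, src, n + 1);   /* n + 1 includes the terminating NUL */
    return true;
}

/* The strncpy() the advisory alludes to, done carefully. strncpy() stops at
 * the byte limit, which removes the overflow, but it does NOT write a NUL when
 * src is at least as long as the limit; the explicit terminator below is what
 * keeps later strlen()/printf("%s") calls inside the buffer. */
void copy_domain_strncpy(char *dst, size_t dst_len, const char *src)
{
    if (dst_len == 0)
        return;
    strncpy(dst, src, dst_len - 1);
    dst[dst_len - 1] = '\0';
}

/* Build a constructed input like the advisory's `perl -e 'print "A"x250'`:
 * count copies of c followed by a NUL. out must hold count + 1 bytes. */
void fill_repeated(char *out, size_t count, char c)
{
    memset(out, c, count);
    out[count] = '\0';
}

int main(void)
{
    char dst[DOMAIN_BUF_LEN];
    char big[251];
    fill_repeated(big, 250, 'A');

    printf("example.org accepted: %s\n",
           copy_domain_bounded(dst, sizeof dst, "example.org") ? "yes" : "no");
    printf("250 x 'A' accepted:   %s\n",
           copy_domain_bounded(dst, sizeof dst, big) ? "yes" : "no");

    copy_domain_strncpy(dst, sizeof dst, big);
    printf("strncpy copy length:  %zu (buffer %d)\n", strlen(dst), DOMAIN_BUF_LEN);
    return 0;
}
```

The rejecting variant is the one to prefer for a DNS name: a silently truncated name is still a valid-looking string, so the program would carry on querying the wrong target with no error, whereas an over-length argument is almost always either a typo or hostile input and deserves a usage error.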
