# Heap-based Buffer Overflow in logger
## Description
Heap-based Buffer Overflow in logger at inetutils/src/logger.c:329
**version**
```
./logger --version
logger (GNU inetutils) 2.2.16-cf091
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <
# Memory leak in ifconfig
## Description
Memory leak in ifconfig
**version**
```
./ifconfig --version
ifconfig (GNU inetutils) 2.2.16-cf091
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <
https://gnu.org/licenses/gpl.html>.
This is free software:
8, [rip + 0xe7c8]
<0x555673a0>
0x8bd8 learcx, [rsi + 1]
0x8bdc movrdx, rdi
0x8bdf moveax, r9d
0x8be2 cmpbyte ptr [rsi], r9b
0x8be5 je getcmd+80
───
URL:
<https://savannah.gnu.org/bugs/?61724>
Summary: Infinite Loop in domacro at domacro.c:258
Project: GNU Networking Utilities
Submitted by: aidai
Submitted on: Thu 23 Dec 2021 02:13:36 PM UTC
Category
URL:
<https://savannah.gnu.org/bugs/?61725>
Summary: NULL Pointer Dereference in help() at
inetutils/telnet/commands.c:3094
Project: GNU Networking Utilities
Submitted by: aidai
Submitted on: Thu 23 Dec 2021 02:13:56
URL:
<https://savannah.gnu.org/bugs/?61723>
Summary: NULL Pointer Dereference in setnmap() at cmds.c:2303
Project: GNU Networking Utilities
Submitted by: aidai
Submitted on: Thu 23 Dec 2021 02:13:08 PM UTC
Category
URL:
<https://savannah.gnu.org/bugs/?61726>
Summary: NULL Pointer Dereference in unsetcmd() at
inetutils/telnet/commands.c:1227
Project: GNU Networking Utilities
Submitted by: aidai
Submitted on: Thu 23 Dec 2021 02:14:16
# NULL Pointer Dereference in setnmap() at cmds.c:2303
## Description
A NULL Pointer Dereference was discovered in help() at
inetutils/telnet/commands.c:3094. The vulnerability causes a segmentation
fault and application crash.
**version**
```
./telnet --version
telnet (GNU inetutils)
# Infinite Loop in domacro at domacro.c:258
## Description
An Infinite Loop was discovered in domacro at domacro.c:258. The
vulnerability could allow attackers to consume excessive resources such as
CPU or memory.
**version**
```
./ftp --version
ftp (GNU inetutils) 2.2.16-cf091
Copyright (C)
## Description
A NULL Pointer Dereference was discovered in setnmap() at cmds.c:2303. The
vulnerability causes a segmentation fault and application crash.
**version**
```
./ftp --version
ftp (GNU inetutils) 2.2.16-cf091
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL
**command:**
```
./telnet < ./poc
```
AiDai 于2021年12月23日周四 21:11写道:
> # NULL Pointer Dereference in setnmap() at cmds.c:2303
>
> ## Description
>
> A NULL Pointer Dereference was discovered in help() at
> inetutils/telnet/commands.c:3094. The vulnerability causes a
# NULL Pointer Dereference in unsetcmd() at inetutils/telnet/commands.c:1227
## Description
A NULL Pointer Dereference was discovered in unsetcmd() at
inetutils/telnet/commands.c:1227. The vulnerability causes a segmentation
fault and application crash.
**version**
```
./telnet --version
URL:
<https://savannah.gnu.org/bugs/?61722>
Summary: Untrusted Pointer Dereference in domacro() at
inetutils/ftp/domacro.c:186
Project: GNU Networking Utilities
Submitted by: aidai
Submitted on: Thu 23 Dec 2021 01:54:14
13 matches
Mail list logo