Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-27 Thread Andreas Tscharner
On Mon, 16 Dec 2002 19:55:05 - NGSSoftware Insight Security Research [EMAIL PROTECTED] wrote: NGSSoftware Insight Security Research Advisory Name: PFinger Format String vulnerability Systems: PFinger version 0.7.8 and earlier Severity: High Risk Vendor URL:

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-18 Thread Andreas Borchert
On Tue, Dec 17, 2002 at 07:37:23AM +0100, Stefan Esser wrote: Yes, no one said it is not, but fact is, the libc resolvers simply do not allow them, so you can send through the wire whatever you want, it will not find its way to the fingerd. Any resolver who disallows a % or any other character

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-17 Thread Stefan Esser
On Mon, Dec 16, 2002 at 11:56:10PM -0500, [EMAIL PROTECTED] wrote: *ON THE WIRE*, all 256 byte codes are legal, since DNS uses a length-data Yes, no one said it is not, but fact is, the libc resolvers simply do not allow them, so you can send through the wire whatever you want, it will not find

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-17 Thread der Mouse
*ON THE WIRE*, all 256 byte codes are legal, since [...] Yes, no one said it is not, but fact is, the libc resolvers simply do not allow them, so you can send through the wire whatever you want, it will not find its way to the fingerd. This does not match my experience. I control rDNS for my

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-17 Thread der Mouse
Due to the way requests are logged the only way to exploit this vulnerability is through setting the DNS name of the fingering host to the attacker supplied format string. I really wonder how you want to exploit this... Last time I checked all tested resolvers (Linux/BSD/Solaris) did not

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-17 Thread Valdis Kletnieks
On Mon, 16 Dec 2002 21:39:32 +0100, Stefan Esser [EMAIL PROTECTED] said: Hello, Due to the way requests are logged the only way to exploit this vulnerability is through setting the DNS name of the fingering host to the attacker supplied format string. I really wonder how you want to

PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-16 Thread NGSSoftware Insight Security Research
NGSSoftware Insight Security Research Advisory Name: PFinger Format String vulnerability Systems: PFinger version 0.7.8 and earlier Severity: High Risk Vendor URL: http://www.xelia.ch/unix/pfinger/ Author: David Litchfield ([EMAIL PROTECTED]) Advisory URL:

RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

2002-12-16 Thread Stefan Esser
Hello, Due to the way requests are logged the only way to exploit this vulnerability is through setting the DNS name of the fingering host to the attacker supplied format string. I really wonder how you want to exploit this... Last time I checked all tested resolvers (Linux/BSD/Solaris) did