> bobk <bobkat_private> writes: > > Imagine what could happen if some program did a strcmp() on the following > > name: > > > > rs.internic.net\0.xa.net > > > > where, of course, \0 is a null > > > > Interested readers may ponder what type of programs may be exploited with > > this type of attack. > > Any .rhosts consumer. Xhost. Amanda (.amandahosts). Lpd (lpd.allow). > What did I win? > > DES > -- > Dag-Erling Smorgrav - desat_private > If if you have a modern resolver library you won't have a problem as the presentation form is literally "rs.internic.net\000.xa.net". This may be used with old libraries to hide were you came from but access checks usually require a forward lookups as well .rhosts etc. should not be a problem even with old libraries. Mark -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: markaat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:48:07 PDT