Re: Nanog traceroute format string exploit.

From: Olaf Kirch (okirat_private)
Date: Wed Jul 24 2002 - 05:43:11 PDT


    On Sun, Jul 21, 2002 at 02:09:24PM +0200, SpaceWalker wrote:
    > -This exploit will never be used to haxor something because I never
    > saw this traceroute used by default
    
    Well, SuSE has been using Nanog traceroute for ages; at least
    since 7.0 but probably longer.
    
    OTOH, the bug isn't very new either.  The nkitb package in SuSE Linux
    7.0 has a patch for this vulnerability dated 2000/10/03 14:12:43.
    
    Finally, let me remark that your exploit has a minor bug in detecting
    vulnerable versions. Using the attached patch it will properly
    recognize patched versions of traceroute :)
    
    Cheers
    Olaf
    -- 
    Olaf Kirch     |  Anyone who has had to work with X.509 has probably
    okirat_private   |  experienced what can best be described as
    ---------------+  ISO water torture. -- Peter Gutmann
    
    
    


