Re: [logs] [ESA-20020423-009] webalizer contains a potentially exploitable buffer overflow (fwd)

From: Tycho Fruru (tycho.fruruat_private)
Date: Thu Apr 25 2002 - 06:14:05 PDT

  • Next message: Sweth Chandramouli: "Re: [logs] [ESA-20020423-009] webalizer contains a potentially exploitable buffer overflow (fwd)"

    On Wed, 24 Apr 2002, Tina Bird wrote:
    
    > From: Tom <TheTomat_private>
    
    > the destination buffer (child_buf) ist 128 bytes big and bind (bind 4 on 
    > openbsd 2.8 does) limits the size of the hostname to 64 bytes. even 
    > MAXHOSTNAMELEN on Linux (and other Unix like systems) is just 64 bytes.
    > so i think there is no real danger by this _possible_ buffer overflow.
    
    What if the reverse lookup is not answered by a BIND but by my own 
    concoction which does respond with larger hostnames ?  There seems an 
    opportunity for problems there (could be interesting to see how your 
    standard host-based resolver libraries handle this)
    
    Regards,
    Tycho
    
    -- 
    Tycho Fruru			tycho.fruruat_private
    "Prediction is extremely difficult. Especially about the future."
      - Niels Bohr
    
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    For additional commands, e-mail: loganalysis-helpat_private
    



    This archive was generated by hypermail 2b30 : Thu Apr 25 2002 - 08:22:24 PDT