Re: [logs] [ESA-20020423-009] webalizer contains a potentially exploitable buffer overflow (fwd)

From: Sweth Chandramouli (loganalysisat_private)
Date: Wed Apr 24 2002 - 22:06:15 PDT


    On Wed, Apr 24, 2002 at 05:03:04PM -0500, Tina Bird wrote:
    > the destination buffer (child_buf) is 128 bytes big and bind (bind 4 on
    > openbsd 2.8 does) limits the size of the hostname to 64 bytes. even
    > MAXHOSTNAMELEN on Linux (and other Unix-like systems) is just 64 bytes.
    > so I think there is no real danger by this _possible_ buffer overflow.
    	Actually, BIND is smart enough to limit the size of the
    hostname to MAXHOSTNAMELEN-1 (since 4.9.5-P1, released about 5 years
    ago); there are many Unices (Solaris and (I believe) AIX, for example)
    that define MAXHOSTNAMELEN as 256, however, so there _is_ some danger.
    And there _are_ other resolvers out there...
    
    	-- Sweth.
    
    -- 
    Sweth Chandramouli      Idiopathic Systems Consulting
    svcat_private      http://www.idiopathic.net/
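
An added illustration of the point made in this message (not part of the thread and not webalizer's code): a copy into a 128-byte buffer such as child_buf that measures the name itself instead of relying on the resolver's MAXHOSTNAMELEN. The names copy_hostname and try_length are hypothetical, and the input names are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CHILD_BUF_LEN 128   /* size of child_buf as stated in the thread */

/* Hypothetical helper (not webalizer's code): copy a resolver-supplied
 * name into a fixed buffer. Returns 0 on success, -1 if the name does not
 * fit; dst is NUL-terminated and never written past dst_len. */
int copy_hostname(char *dst, size_t dst_len, const char *name)
{
    const char *nul;

    if (dst == NULL || dst_len == 0)
        return -1;
    dst[0] = '\0';
    if (name == NULL)
        return -1;
    /* Search for the terminator within dst_len bytes only, so the length
     * is measured here rather than taken from the resolver's limit. */
    nul = memchr(name, '\0', dst_len);
    if (nul == NULL)
        return -1;                      /* longer than dst_len - 1 */
    memcpy(dst, name, (size_t)(nul - name) + 1);
    return 0;
}

/* Constructed input: a name of n 'a' characters, standing in for what a
 * resolver could return when MAXHOSTNAMELEN is n + 1. */
int try_length(size_t n)
{
    char name[512], child_buf[CHILD_BUF_LEN];
    int rc;

    if (n >= sizeof name)
        return -2;
    memset(name, 'a', n);
    name[n] = '\0';
    rc = copy_hostname(child_buf, sizeof child_buf, name);
    if (rc == 0 && strlen(child_buf) != n)
        return -2;                      /* copy was not exact */
    return rc;
}

int main(void)
{
    printf("63 -> %d, 255 -> %d\n", try_length(63), try_length(255));
    return 0;
}
```

A 63-character name (MAXHOSTNAMELEN of 64) is copied, while a 255-character name (MAXHOSTNAMELEN of 256) is rejected instead of running past the buffer.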
    
    


