BugTraq
Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities Jun 24 2005 03:44PM
Przemyslaw Frasunek (venglin freebsd lublin pl)
Przemyslaw Frasunek napisa³(a):
> Another vulnerability is heap corruption after malformed -s argument:

I've forgotten to provide an example:

atari:root:/home/venglin# traceroute -s 1.1.1.1. 127.0.0.1
traceroute: 4.0.0.0 is an invalid IPv4 source address
Segmentation fault (core dumped)

--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE *
* JID: venglin (at) jabber.atman (dot) pl [email concealed] ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV *

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus