LBNL Traceroute Heap Corruption Vulnerability

Bugtraq ID: 1739
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: Sep 28 2000 12:00AM
Updated: Sep 28 2000 12:00AM
Credit: Discovered by Pekka Savola <pekkas@netcore.fi>. First posted to Bugtraq by Chris Evans <chris@ferret.lmh.ox.ac.uk> on September 28, 2000. Followups with exploit code posted to Bugtraq by W.H.J.Pinckaers <w.h.j.pinckaers@cpedu.rug.nl> and Perry Harrin
Vulnerable: Sun Solaris 2.5.1
LBL traceroute 1.4 a5
+ Debian Linux 2.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.1 i386
+ RedHat Linux 6.0
+ SCO eDesktop 2.4
+ Trustix Trustix Secure Linux 1.1
+ Trustix Trustix Secure Linux 1.0
Not Vulnerable: LBL traceroute 1.4 a7


 

Privacy Statement
Copyright 2010, SecurityFocus