• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PADL Software nss_ldap DNS Buffer Overflow Vulnerability

A buffer overflow condition has been reported in nss_ldap. When nss_ldap is configured without a value for the "host" parameter, it will attempt to configure itself using SRV DNS records. There is no bounds checking on data returned from the DNS server before it is copied into internal memory buffers. If it is of excessive length, a buffer overrun condition will occur. Operators of malicious DNS servers may exploit this condition to execute arbitrary code on target hosts. It may also be possible for attackers who do not control the DNS server to spoof malicious responses.