• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Traceroute-Nanog Hostname Buffer Overflow Vulnerability

Solution:
This problem has reportedly been fixed in packages supplied by SuSE in SuSE Security Advisory SuSE-SA:2002:043. This information is unconfirmed.

Fixes available:


Ehud Gavron TrACESroute 6.0

• Debian traceroute-nanog_6.0-2.2_alpha.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.0-2.2_alpha.deb


• Debian traceroute-nanog_6.0-2.2_arm.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.0-2.2_arm.deb


• Debian traceroute-nanog_6.0-2.2_i386.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.0-2.2_i386.deb


• Debian traceroute-nanog_6.0-2.2_m68k.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.0-2.2_m68k.deb


• Debian traceroute-nanog_6.0-2.2_powerpc.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.0-2.2_powerpc.deb


• Debian traceroute-nanog_6.0-2.2_sparc.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.0-2.2_sparc.deb


• SuSE nkitb-2002.11.6-0.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/7.0/a1/nkitb-2002.11.6-0.alpha. rpm


• SuSE nkitb-2002.11.6-0.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/nkitb-2002.11.6-0.i386. rpm


• SuSE nkitb-2002.11.6-0.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.0/a1/nkitb-2002.11.6-0.ppc.rp m


• SuSE traceroute-6.0-0.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/traceroute-6.0-0.alpha.r pm


• SuSE traceroute-6.0-0.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/traceroute-6.0-0.i386.r pm


• SuSE traceroute-6.0-0.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/traceroute-6.0-0.ppc.rpm

Ehud Gavron TrACESroute 6.1.1

• Debian traceroute-nanog_6.1.1-1.2_alpha.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_alpha.deb


• Debian traceroute-nanog_6.1.1-1.2_arm.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_arm.deb


• Debian traceroute-nanog_6.1.1-1.2_hppa.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_hppa.deb


• Debian traceroute-nanog_6.1.1-1.2_i386.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_i386.deb


• Debian traceroute-nanog_6.1.1-1.2_ia64.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_ia64.deb


• Debian traceroute-nanog_6.1.1-1.2_m68k.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_m68k.deb


• Debian traceroute-nanog_6.1.1-1.2_mips.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_mips.deb


• Debian traceroute-nanog_6.1.1-1.2_mipsel.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_mipsel.deb


• Debian traceroute-nanog_6.1.1-1.2_powerpc.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_powerpc.deb


• Debian traceroute-nanog_6.1.1-1.2_s390.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_s390.deb


• Debian traceroute-nanog_6.1.1-1.2_sparc.deb
  http://security.debian.org/pool/updates/main/t/traceroute-nanog/tracer oute-nanog_6.1.1-1.2_sparc.deb


• SuSE traceroute-6.1.1-0.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/traceroute-6.1.1-0.i386 .rpm


• SuSE traceroute-6.1.1-0.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/traceroute-6.1.1-0.i386 .rpm


• SuSE traceroute-6.1.1-0.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/traceroute-6.1.1-0.i386 .rpm


• SuSE traceroute-6.1.1-0.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/traceroute-6.1.1-0.ppc.r pm


• SuSE traceroute-6.1.1-0.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/traceroute-6.1.1-0.spa rc.rpm