BugTraq
PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 16 2002 07:55PM
NGSSoftware Insight Security Research (nisr nextgenss com) (2 replies)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 26 2002 10:07PM
Andreas Tscharner (starfire dplanet ch)
RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 16 2002 08:39PM
Stefan Esser (s esser e-matters de) (2 replies)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 17 2002 04:56AM
Valdis Kletnieks vt edu (1 replies)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 17 2002 06:37AM
Stefan Esser (s esser e-matters de) (2 replies)
On Mon, Dec 16, 2002 at 11:56:10PM -0500, Valdis.Kletnieks (at) vt (dot) edu [email concealed] wrote:
>
> *ON THE WIRE*, all 256 byte codes are legal, since DNS uses a length-data

Yes noone said it is not, but fact is, the libc resolvers simply do not
allow them, so you can send through the wire whatever you want it will
not find its way to the fingerd.

Stefan Esser

[ reply ]
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 18 2002 02:16PM
Andreas Borchert (bugtraq andreas-borchert de)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 17 2002 05:44PM
der Mouse (mouse Rodents Montreal QC CA)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Dec 16 2002 09:49PM
der Mouse (mouse Rodents Montreal QC CA)


 

Privacy Statement
Copyright 2010, SecurityFocus