Sniffit Mail Logging Buffer Overflow Vulnerability

Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems.

Sniffit contains a remotely exploitable buffer overflow vulnerability. If Sniffit is configured to log emails, attackers may be able to exploit a stack overflow in the logging mechanism and execute arbitrary code as root on the underlying host.

There may be other buffer overflow vulnerabilities in sniffit related to the logging mechanism. There are several suspicious instances of sprintf() in the logging functions. Administrators are advised to use more actively supported alternatives such as Snort or dsniff.


Privacy Statement
Copyright 2010, SecurityFocus