LBNL Traceroute Heap Corruption Vulnerability
|
Bugtraq ID:
|
1739
|
|
Class:
|
Design Error
|
|
CVE:
|
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
Sep 28 2000 12:00AM
|
|
Updated:
|
Sep 28 2000 12:00AM
|
|
Credit:
|
Discovered by Pekka Savola <pekkas@netcore.fi>.
First posted to Bugtraq by Chris Evans <chris@ferret.lmh.ox.ac.uk> on September 28, 2000.
Followups with exploit code posted to Bugtraq by W.H.J.Pinckaers <w.h.j.pinckaers@cpedu.rug.nl> and Perry Harrin
|
|
Vulnerable:
|
Sun Solaris 2.5.1
LBL traceroute 1.4 a5
+
Debian Linux 2.2
+
Mandriva Linux Mandrake 7.1
+
Mandriva Linux Mandrake 7.0
+
Redhat Linux 6.2 i386
+
Redhat Linux 6.1 i386
+
Redhat Linux 6.0
+
SCO eDesktop 2.4
+
Trustix Trustix Secure Linux 1.1
+
Trustix Trustix Secure Linux 1.0
|
|
|
|
Not Vulnerable:
|
LBL traceroute 1.4 a7
|
|
