Bugtraq mailing list archives

Re: Nanog traceroute format string exploit.


From: Olaf Kirch <okir () suse de>
Date: Wed, 24 Jul 2002 14:43:11 +0200

On Sun, Jul 21, 2002 at 02:09:24PM +0200, SpaceWalker wrote:
> This exploit will never be used to haxor something because I never
> saw this traceroute used by default

Well, SuSE has been using Nanog traceroute for ages; at least
since 7.0 but probably longer.

OTOH, the bug isn't very new either.  The nktib package in SuSE Linux
7.0 has a patch for this vulnerability dated 2000/10/03 14:12:43.

Finally, let me remark that your exploit has a minor bug in detecting
vulnerable versions. Using the attached patch it will properly
recognize patched versions of traceroute :)

Cheers
Olaf
-- 
Olaf Kirch     |  Anyone who has had to work with X.509 has probably
okir () suse de   |  experienced what can best be described as
---------------+  ISO water torture. -- Peter Gutmann

Attachment: exp.fix