Bugtraq mailing list archives

Re: Netstd 3.07-17 multiple remote buffer overflows


From: lupe () lupe-christoph de (Lupe Christoph)
Date: Sat, 25 May 2002 11:01:47 +0200

On Friday, 2002-05-24 at 10:39:23 +0200, Spybreak wrote:

> Release  : May 24, 2002
> Author   : Spybreak (spybreak () host sk)
> Software : netstd
> Version  : 3.07-17
> URL      : debian.org
> Status   : vendor contacted
> Problem  : Multiple remote buffer overflows
>
> Netstd is a package of networking utilities and daemons
> from the Debian Linux distribution.

Not true.
  http://packages.debian.org/stable/net/netstd.html
says
  Package: netstd 3.07-17
  Legacy package that you should remove.

  This package exists only to provide smooth upgrades. Please remove it.

And you neglected to mention that this is a package in the
soon-to-be-replaced stable release (potato), not the soon-to-be-released
currently-testing woody. Since many people don't run potato anymore
because it is getting a little old, this matters a lot.

> It is possible to remotely overflow buffers in several utilities
> from the package, through an owned DNS server.
> The FQDN obtained from the reply is simply copied into a small fixed
> size buffer, without any check on the length of the answer.

I wonder how you can overflow anything in any of the files that
are in netstd-3.07-17:

  http://packages.debian.org/cgi-bin/search_contents.pl?searchmode=filelist&word=netstd&version=stable

  Debian package contents search results

  FILE                                                       PACKAGE

  usr/share/doc/netstd/README.debian                        net/netstd
  usr/share/doc/netstd/changelog.Debian.gz                  net/netstd
  usr/share/doc/netstd/copyright                            net/netstd

> The same problem is present in these utils from the netstd 3.07-17
> package:
>
> - linux-ftpd

  
  http://packages.debian.org/cgi-bin/search_contents.pl?word=linux-ftpd&searchmode=searchfilesanddirs&case=insensitive&version=stable&arch=i386

  Debian package contents search results
  Can't find that file, at least not in that distribution and on that architecture.

> - pcnfsd

Do you mean the package pcnfsd 2.0-4? I do not see any bug filed
against this package, by you or anybody else.

> - tftp

Package tftp 0.10-1? Again, I can't find any bug filed, by you or
anybody else.

> - traceroute

Package traceroute 1.4a5-3? Again, no bugs filed.

> - from/to

What is this? The package bsdmainutils 4.7.1 has a /usr/bin/from,
but no 'to'. It's impossible to sift through the hits on 'to' on
the Debian package search page.

You do not mention having contacted anybody on the Debian team,
and you do not seem to have. Please follow protocol.

Lupe Christoph
-- 
| lupe () lupe-christoph de       |        http://free.prohosting.com/~lupe |
| I have challenged the entire ISO-9000 quality assurance team to a      |
| Bat-Leth contest on the holodeck. They will not concern us again.      |
| http://public.logica.com/~stepneys/joke/klingon.htm                    |
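
The flaw class the quoted advisory describes (a resolver-supplied FQDN copied into a small fixed-size buffer with no length check), shown beside a bounded copy. This is an added example, not part of the original post and not taken from any netstd source. The function names, the `NAME_BUF` size and the sample names are assumptions constructed for illustration; the character and label-length checks go beyond the length check the advisory mentions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 64   /* constructed: stands in for the "small fixed size buffer" */

/* Pattern the advisory describes: the name from the DNS reply is copied with
 * no length check, so it writes past dst once strlen(h_name) >= size of dst. */
void copy_name_unchecked(char *dst, const char *h_name)
{
    strcpy(dst, h_name);
}

/* Hardened form (hypothetical helper): returns 0 and fills dst only if the
 * name fits and looks like a hostname; returns -1 and leaves dst empty. */
int copy_name_checked(char *dst, size_t dstsize, const char *h_name)
{
    size_t len, i, label = 0;

    if (dst == NULL || dstsize == 0)
        return -1;
    dst[0] = '\0';
    if (h_name == NULL)
        return -1;
    for (len = 0; len < dstsize && h_name[len] != '\0'; len++)
        ;                                   /* never scans past dstsize bytes */
    if (len == 0 || len >= dstsize || len > 253)
        return -1;                          /* empty, too long for dst, or > DNS max */
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)h_name[i];
        if (c == '.') {
            if (label == 0)
                return -1;                  /* empty label: leading dot or ".." */
            label = 0;
        } else if (!(isalnum(c) || c == '-') || ++label > 63) {
            return -1;                      /* bad character or label over 63 */
        }
    }
    memcpy(dst, h_name, len + 1);           /* len < dstsize, so the NUL fits */
    return 0;
}

int main(void)
{
    char buf[NAME_BUF], longname[200];
    memset(longname, 'a', sizeof longname - 1);   /* constructed oversize reply */
    longname[sizeof longname - 1] = '\0';
    printf("%d %d\n", copy_name_checked(buf, sizeof buf, "host.example.org"),
           copy_name_checked(buf, sizeof buf, longname));
    return 0;
}
```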

