Bugtraq mailing list archives
Re: Netstd 3.07-17 multiple remote buffer overflows
From: lupe () lupe-christoph de (Lupe Christoph)
Date: Sat, 25 May 2002 11:01:47 +0200
On Friday, 2002-05-24 at 10:39:23 +0200, Spybreak wrote:
Release : May 24, 2002 Author : Spybreak (spybreak () host sk) Software : netstd Version : 3.07-17 URL : debian.org Status : vendor contacted Problem : Multiple remote buffer overflows
Netstd is a package of networking utilities and daemons from the Debian Linux distribution.
Not true. http://packages.debian.org/stable/net/netstd.html says Package: netstd 3.07-17 Legacy package that you should remove. This package exists only to provide smooth upgrades. Please remove it. And you neglected to mantion that this is a package in the soon-to-be-replaced stable release (potato), not the soon-to-be-released currently-testing woody. Since many people don't run potato anymore because it is getting a little old, this matters a lot.
It is possible to remotely overflow buffers in several utilities from the package, through owned DNS server. The FQDN obtained from the reply is simply copied into small fixed size buffer, without any check on the length of the answer.
I wonder how you can overflow anything in any of the files that are in netstd-3.07-17: http://packages.debian.org/cgi-bin/search_contents.pl?searchmode=filelist&word=netstd&version=stable Debian package contents search results FILE PACKAGE usr/share/doc/netstd/README.debian net/netstd usr/share/doc/netstd/changelog.Debian.gz net/netstd usr/share/doc/netstd/copyright net/netstd
The same problem is present in these utils from the netstd 3.07-17 package:
- linux-ftpd
http://packages.debian.org/cgi-bin/search_contents.pl?word=linux-ftpd&searchmode=searchfilesanddirs&case=insensitive&version=stable&arch=i386 Debian package contents search results Can't find that file, at least not in that distribution and on that architecture.
- pcnfsd
Do you mean the package pcnfsd 2.0-4? I do not see any bug filed against this package, by you or anybody else.
- tftp
Package tftp 0.10-1? Again, I can't find any bug filed, by you or anybody else.
- traceroute
Package traceroute 1.4a5-3? Again, no bugs filed.
- from/to
What is this? The package bsdmainutils 4.7.1 has a /usr/bin/from, but no 'to'. It's impossible to sift through the hits on 'to' on the Debian package search page. You do not mention having contacted anybody on the Debian team, and you do not seem to have. Please follow protocol. Lupe Christoph -- | lupe () lupe-christoph de | http://free.prohosting.com/~lupe | | I have challenged the entire ISO-9000 quality assurance team to a | | Bat-Leth contest on the holodeck. They will not concern us again. | | http://public.logica.com/~stepneys/joke/klingon.htm |
Current thread:
- Netstd 3.07-17 multiple remote buffer overflows Spybreak (May 24)
- Re: Netstd 3.07-17 multiple remote buffer overflows Lupe Christoph (May 25)