Full Disclosure mailing list archives

!ADVISORY! $ +Thu Mar 16 14:08:58 EST 2006+ $ Integer Overflow in ISC BIND

From: pokley <pokleyzz () scan-associates net>
Date: Thu, 16 Mar 2006 19:09:00 +0000 (GMT)




!ADVISORY! $ +Thu Mar 16 14:08:58 EST 2006+ $ Integer Overflow in ISC BIND




+++++++++++++++++++++++++++++++++++++++++++++++++++++++
1. Description
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
ISC BIND incorrectly parses integer data, and this can be used to execute arbitrary code.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++
2. Vendor Response
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
ISC BIND had presented no commentary.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Appendix A Vendor Information
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
http://www.isc.org/index.pl?/sw/bind/



+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Contact
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
pokley pokleyzz () scan-associates net

GSAE CCE CSFA GREM GIPS GHTQ GWAS 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

!ADVISORY! $ +Thu Mar 16 14:08:58 EST 2006+ $ Integer Overflow in ISC BIND pokley (Mar 16)