Full Disclosure mailing list archives
Re: Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org)
From: srl <security.research.labs () gmail com>
Date: Wed, 25 Feb 2009 18:24:20 +0200
Dear Jason Starks,

It can be exploited remote via XXS it the attack vectors API's and framework made by PDP, btw great work PDP and gnucitizen.org security team, keep up the good work.

I now try to attach gdb to javascript to do remove exploitation of dnsmap

On Wed, Feb 25, 2009 at 6:10 PM, Jason Starks <jstarks440 () gmail com> wrote:
> I'm going to say dnsmap isn't suid or sgid, and a segmentation fault can occur after triggering a simple programming error (you've shown no signs of code execution). Terrrrrrrific.
>
> On Wed, Feb 25, 2009 at 10:36 AM, srl <security.research.labs () gmail com> wrote:
>
> > Security Advisory:
> >
> > PRODUCT
> > ************
> > http://www.gnucitizen.org/blog/new-version-of-dnsmap-out/
> > http://www.gnucitizen.org/static/blog/2009/02/dnsmap-022.tar
> >
> > This is a great tool, used by the two pentesters, pagvac and pdp
> >
> > TECHNICAL DESCRIPTION
> > ********************************
> > A local buffer overflow exists in dnsmap 0.22.
> >
> > $ dnsmap -r `perl -e 'print "A"x250'`
> > dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org)
> > Segmentation fault
> >
> > SOLUTION
> > *************
> > Wait until pagvac will learn about strncpy().
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
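The quoted advisory names strncpy() as the fix. As an added example (not dnsmap's code and not written by anyone in this thread), the C below shows that a bare strncpy() can leave the buffer unterminated, next to a length-checked copy that rejects an over-long option value. The buffer size, the function names and the assumption that the option value is copied into a fixed-size buffer are hypothetical; the thread does not show dnsmap's source.

```c
#include <stdio.h>
#include <string.h>

#define OPT_BUF 100 /* assumed size; the thread does not give dnsmap's real one */

/* Bare strncpy(): never writes past dst, but when src has dstsz or more
 * characters it writes no NUL terminator, so a later printf("%s") or
 * strlen() still reads out of bounds. Returns 1 if dst is unterminated. */
int copy_strncpy_only(char *dst, size_t dstsz, const char *src)
{
    strncpy(dst, src, dstsz);
    return memchr(dst, '\0', dstsz) == NULL;
}

/* Hardened copy: rejects input that does not fit instead of truncating it.
 * Returns 0 on success, -1 when src plus its NUL needs more than dstsz bytes. */
int copy_arg_checked(char *dst, size_t dstsz, const char *src)
{
    const char *end;

    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    end = memchr(src, '\0', dstsz); /* look for the terminator within dstsz bytes */
    if (end == NULL) {              /* too long: leave dst as an empty string */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(end - src) + 1); /* length is proven to fit */
    return 0;
}

int main(int argc, char **argv)
{
    char optbuf[OPT_BUF];

    if (argc < 2) {
        fprintf(stderr, "usage: %s <option-value>\n", argv[0]);
        return 2;
    }
    if (copy_arg_checked(optbuf, sizeof optbuf, argv[1]) != 0) {
        fprintf(stderr, "option value too long (max %d bytes)\n", OPT_BUF - 1);
        return 1; /* the 250-byte argument from the advisory ends here */
    }
    printf("accepted: %s\n", optbuf);
    return 0;
}
```

Building with `-D_FORTIFY_SOURCE=2 -fstack-protector-strong` turns an unchecked copy of this kind into an immediate abort, which helps catch it in testing.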
Current thread:
- Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) srl (Feb 25)
- Re: Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) Jason Starks (Feb 25)
- Re: Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) srl (Feb 25)
- Re: Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) Jason Starks (Feb 25)
- Re : Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) Pete Licoln (Feb 25)
- Re: Buffer Overflow in dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) Jason Starks (Feb 25)