Vulnerability Development mailing list archives
Re: quick question about the exploitability of a bug in nessus.
From: Florian Weimer <Weimer () CERT Uni-Stuttgart DE>
Date: Wed, 13 Feb 2002 11:45:29 +0100
Nathan Valentine <nathan () nathanvalentine org> writes:
Perhaps this is a question that cannot be answered without more information and a core dump file, but could someone with more(read:any ;p) experience writing exploits please offer an opinion as to whether that sounds like an exploitable situation?
Perhaps denial of service is possible, but there is obviously no way to inject machine code (unless inet_ntoa is extremly flawed), that's why I don't think this is a major issue. -- Florian Weimer Weimer () CERT Uni-Stuttgart DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898
Current thread:
- quick question about the exploitability of a bug in nessus. Nathan Valentine (Feb 12)
- Re: quick question about the exploitability of a bug in nessus. Florian Weimer (Feb 13)
- Re: quick question about the exploitability of a bug in nessus. Michel Arboi (Feb 13)