Full Disclosure mailing list archives
Re: SSL Capable NetCat and more
From: GomoR <gomor-fd () gomor org>
Date: Mon, 28 Mar 2011 08:47:28 +0200
On Sun, Mar 27, 2011 at 02:23:03PM -0700, Zach C. wrote:
Okay, and also let me rephrase the question: what does your tool do that * socat* doesn't?
Better question ;) scnc is written in Perl, and does not suffer from stack overflows: http://www.dest-unreach.org/socat/ 2010/08/02: A stack overflow vulnerability has been fixed that could be triggered when command line arguments were longer than 512 bytes. Fixed versions are 1.7.1.3 and 2.0.0-b4. See socat security advisory 2 for details. This one is from command line, maybe the next will be in the server mode or whatever. Regards, -- ^ ___ ___ http://www.GomoR.org/ <-+ | / __ |__/ Senior Security Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Frame <=> http://search.cpan.org/~gomor/ <---+ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- SSL Capable NetCat and more GomoR (Mar 26)
- Re: SSL Capable NetCat and more Udi Shamir (Mar 26)
- <Possible follow-ups>
- Re: SSL Capable NetCat and more Anton Ziukin (Mar 26)
- Re: SSL Capable NetCat and more GomoR (Mar 26)
- Re: SSL Capable NetCat and more Dan Tulovsky (Mar 27)
- Re: SSL Capable NetCat and more Randal T. Rioux (Mar 30)
- Re: SSL Capable NetCat and more -= Glowing Doom =- (Mar 31)
- Re: SSL Capable NetCat and more -= Glowing Doom =- (Mar 31)
- Re: SSL Capable NetCat and more GomoR (Mar 26)
- Re: SSL Capable NetCat and more Zach C. (Mar 27)
- Re: SSL Capable NetCat and more GomoR (Mar 27)
- Re: SSL Capable NetCat and more Michal Zalewski (Mar 28)
- Message not available
- Re: SSL Capable NetCat and more Zach C. (Mar 28)
- Re: SSL Capable NetCat and more Fyodor (Mar 28)