Full Disclosure mailing list archives
Re: [iputils] Integer overflow in iputils ping/ping6 tools
From: Darius Jahandarie <djahandarie () gmail com>
Date: Tue, 13 Mar 2012 18:30:50 -0400
On Tue, Mar 13, 2012 at 18:17, Marcus Meissner <meissner () suse de> wrote:
How is this different from writing a fork bomb?
I could imagine applications which accept ping interval and do not filter it. That's a class of application which would not be affected by a fork bomb (since they do not allow execution of arbitrary commands), but would be affect by this (as long as the user is allowed to alter the ping interval). But yes, it seems like a fairly small affected class of applications. Fun hole though, and no sense in leaving it unpatched. -- Darius Jahandarie _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [iputils] Integer overflow in iputils ping/ping6 tools Christophe Alladoum (Mar 13)
- Re: [iputils] Integer overflow in iputils ping/ping6 tools Marcus Meissner (Mar 13)
- Re: [iputils] Integer overflow in iputils ping/ping6 tools James Condron (Mar 13)
- Re: [iputils] Integer overflow in iputils ping/ping6 tools Jeffrey Walton (Mar 13)
- Re: [iputils] Integer overflow in iputils ping/ping6 tools Gage Bystrom (Mar 13)
- Re: [iputils] Integer overflow in iputils ping/ping6 tools Darius Jahandarie (Mar 14)
- Re: [iputils] Integer overflow in iputils ping/ping6 tools Marcus Meissner (Mar 13)