Vulnerability Development mailing list archives
Re: quick question about the exploitability of a bug in nessus.
From: Michel Arboi <arboi () yahoo com>
Date: Wed, 13 Feb 2002 13:56:08 +0100 (CET)
--- Nathan Valentine <nathan () nathanvalentine org> wrote:
There is a rarely triggered bug in nessus (actually libnasl/nasl/nessus_extenstions.c) that results in a null pointer being passed to inet_ntoa()
inet_ntoa argument is a structure, not a pointer.
nessusd segfaults when this happens.
Maybe this happens when it tries to dereference a pointer to the structure before feeding it to inet_ntoa ?
I can provide a core dump file or an explanation of how to trigger the bug for any who are interested in taking a further look.
Also this is probably not exploitable; you may provide all this to the developers so that they improve the stability of the software.
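Added example, not part of the original message and not code from nessus or libnasl: inet_ntoa() is declared as `char *inet_ntoa(struct in_addr in)`, so when the address is held behind a pointer, the dereference in the caller is where a NULL would fault. The helper name `safe_ntoa`, the fallback string and the sample address are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from libnasl): format an IPv4 address that is
 * held behind a pointer which may be NULL.
 * inet_ntoa() takes struct in_addr by value, so a NULL can never be its
 * argument; a call written as inet_ntoa(*addr) faults while evaluating
 * *addr, before inet_ntoa() is entered. The guard belongs on the pointer. */
const char *safe_ntoa(const struct in_addr *addr, char *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return NULL;
    if (addr == NULL) {             /* guard the dereference itself */
        snprintf(buf, len, "(no address)");
        return buf;
    }
    /* inet_ntop() writes into the caller's buffer, unlike inet_ntoa(),
     * which returns a pointer to a shared static buffer. */
    if (inet_ntop(AF_INET, addr, buf, (socklen_t)len) == NULL)
        return NULL;                /* buffer too small for the text form */
    return buf;
}

int main(void)
{
    char buf[INET_ADDRSTRLEN];
    struct in_addr a;               /* constructed sample value */

    if (inet_pton(AF_INET, "192.0.2.1", &a) != 1)
        return 1;
    printf("%s\n", safe_ntoa(&a, buf, sizeof buf));
    printf("%s\n", safe_ntoa(NULL, buf, sizeof buf));
    return 0;
}
```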
Current thread:
- quick question about the exploitability of a bug in nessus. Nathan Valentine (Feb 12)
- Re: quick question about the exploitability of a bug in nessus. Florian Weimer (Feb 13)
- Re: quick question about the exploitability of a bug in nessus. Michel Arboi (Feb 13)