Vulnerability Development mailing list archives

Re: quick question about the exploitability of a bug in nessus.


From: Michel Arboi <arboi () yahoo com>
Date: Wed, 13 Feb 2002 13:56:08 +0100 (CET)

--- Nathan Valentine <nathan () nathanvalentine org> wrote:
> There is a rarely triggered bug in nessus (actually
> libnasl/nasl/nessus_extenstions.c) that results in a null pointer
> being passed to inet_ntoa()

inet_ntoa argument is a structure, not a pointer.

> nessusd segfaults when this happens.

Maybe this happens when it tries to dereference a pointer to the
structure before feeding it to inet_ntoa?

> I can provide a core dump file or an explanation of how to trigger
> the bug for any who are interested in taking a further look.

Also, this is probably not exploitable; you may provide all this to the
developers so that they improve the stability of the software.



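The point made in the reply above, as an added example that is not part of the original message and is not Nessus code: inet_ntoa() takes a struct in_addr by value, so a NULL pointer can only fault where the caller dereferences it, and a guard belongs at that spot. The helper name safe_ntoa and the sample address are assumptions made for illustration.

```c
/* Added example; safe_ntoa is a hypothetical helper, not taken from libnasl. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/*
 * inet_ntoa() is declared as:  char *inet_ntoa(struct in_addr in);
 * The structure is passed by value, so code holding a pointer has to write
 * inet_ntoa(*ip). If ip is NULL, the fault occurs at "*ip" in the caller,
 * before inet_ntoa() is ever entered.
 */

/* Format *ip into buf. Returns buf on success, or NULL when ip or buf is
 * NULL or the buffer is too small to hold the dotted-quad string. */
const char *safe_ntoa(const struct in_addr *ip, char *buf, size_t len)
{
    if (ip == NULL || buf == NULL || len == 0)
        return NULL;                  /* refuse instead of dereferencing NULL */
    /* inet_ntop() writes into the caller's buffer; inet_ntoa() returns a
     * pointer to a static buffer that the next call overwrites. */
    return inet_ntop(AF_INET, ip, buf, (socklen_t)len);
}

int main(void)
{
    char buf[INET_ADDRSTRLEN];
    struct in_addr addr;
    struct in_addr *missing = NULL;   /* constructed: e.g. a failed lookup */
    const char *s;

    inet_pton(AF_INET, "192.0.2.10", &addr);   /* constructed sample address */
    s = safe_ntoa(&addr, buf, sizeof buf);
    printf("valid:   %s\n", s ? s : "(no address)");

    s = safe_ntoa(missing, buf, sizeof buf);
    printf("missing: %s\n", s ? s : "(no address)");
    return 0;
}
```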

