FreeBSD Security Advisory FreeBSD-SA-08:02.libc
Mike Tancsa
mike at sentex.net
Mon Jan 14 20:43:21 PST 2008
At 06:09 PM 1/14/2008, FreeBSD Security Advisories wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>=============================================================================
>FreeBSD-SA-08:02.libc Security Advisory
> The FreeBSD Project
>
>Topic: inet_network() buffer overflow
>
>For programs which passes untrusted data to inet_network(), an
>attacker may be able to overwrite a region of memory with user defined
>data by causing specially crafted input to be passed to
>inet_network().
For the "usual suspects" of applications running, (e.g. sendmail,
apache, BIND etc) would it be possible to pass crafted packets
through to this function remotely via those apps ? ie how easy is this to do ?
---Mike
More information about the freebsd-security
mailing list