FreeBSD Security Advisory FreeBSD-SA-08:02.libc
Garrett Wollman
wollman at freebsd.org
Mon Jan 14 21:35:29 PST 2008
<<On Mon, 14 Jan 2008 23:28:46 -0500, Mike Tancsa <mike at sentex.net> said:
> For the "usual suspects" of applications running, (e.g. sendmail,
> apache, BIND etc) would it be possible to pass crafted packets
> through to this function remotely via those apps ? ie how easy is this to do ?
inet_network() is a very infrequently-used function (perhaps because
it's nearly useless except for backward-compatibility). It's
referenced by getent(1), isdnd(8), timed(8), and mountd(8) -- the
latter three I assume for configuration-file parsing -- and can also
be called from getnetbyname(). libbind also includes an
implementation of it, but bind itself doen't reference it. route(8)
uses it to parse network numbers given on the command line.
-GAWollman
More information about the freebsd-security
mailing list