Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Multiple Vendor BSD libc DNS Lookup Buffer Overflow Vulnerability

Multiple Vendor BSD libc DNS Lookup Buffer Overflow Vulnerability

by Nikola Strahija on June 28th, 2002 The libc library includes functions which perform DNS lookups. A buffer overflow vulnerability has been reported in versions of libc used by some operating systems. In particular, FreeBSD, NetBSD and OpenBSD have been reported to suffer from this issue. The vulnerable code is related to DNS queries. It may be possible for a malicious DNS server to provide a response which will exploit this vulnerability, resulting in the execution of arbitrary code as the vulnerable process.


The consequences of exploitation will be highly dependant on the details of individual applications using libc.

This vulnerability has been reported in recent versions of FreeBSD, NetBSD and OpenBSD. It is likely that earlier versions share this vulnerability.

Remote: Yes

Exploit: No


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »