Title: bing gethostbyaddr Buffer Overflow Vulnerability
Severity: MODERATE
Description:
bing is a freely available, open source software package written by Pierre Beyssac. The package is designed to calculate the capacity between two points by sending various sized ICMP packets and recording their return times.
A problem in bing can allow a local user to gain administrative privileges. A static buffer used to store the name of the host using a gethostbyaddr function is allocated a static 80 byte buffer in memory. It is possible for a user with control of their on IN-ADDR.arpa zone to create a custom crafted entry in their zone records, appended with shell code. Upon receiving the IN-ADDR entry, the buffer could overflow, overwriting stack variables up through the return address, and therefore executing the shellcode in the zone entry. This problem makes it possible for a user with malicious motives to gain elevated privleges on a vulnerable system, including administrative access.
Affected Products:
- Pierre Beyssac bing 1.0.4
- S.u.S.E. Linux 6.1.0
- S.u.S.E. Linux 6.2.0
- S.u.S.E. Linux 6.3.0
- S.u.S.E. Linux 6.4.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
