tech-security: [mark@pine.nl: Remote buffer overflow in resolver code of libc]

Subject: [mark@pine.nl: Remote buffer overflow in resolver code of libc]
To: None <tech-security@netbsd.org>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: tech-security
Date: 06/27/2002 01:40:12
--envbJBWh7q8WU6mo
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

any closer info?  will there be official advisory released?

thanks,

----- Forwarded message from Mark Lastdrager <mark@pine.nl> -----

Date: Wed, 26 Jun 2002 09:37:16 +0200
From: Mark Lastdrager <mark@pine.nl>
To: bugtraq@securityfocus.com
Cc: vulnwatch@vulnwatch.org, vuln-dev@securityfocus.com,
	editors@daemonnews.org
Subject: Remote buffer overflow in resolver code of libc

Please find advisory attached.

Mark Lastdrager

--
Pine Internet BV ::  tel. +31-70-3111010 ::  fax. +31-70-3111011
PGP 0xFF0EA728 fpr 57D2 CD16 5908 A8F0 9F33 AAA3 AFA0 24EF FF0E A728
Today's excuse: Radial Telemetry Infiltration

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------=
---
 Pine Internet Security Advisory
 --------------------------------------------------------------------------=
---
 Advisory ID       : PINE-CERT-20020601=20
 Authors           : Joost Pol <joost@pine.nl>
 Issue date        : 2002-06-25=20
 Application       : Multiple
 Version(s)        : Multiple=20
 Platforms         : FreeBSD, OpenBSD, NetBSD, maybe more.=20
 Availability      : http://www.pine.nl/advisories/pine-cert-20020601.txt
 --------------------------------------------------------------------------=
---

Synopsis

	There is a remote buffer overflow in the resolver code of libc.

Impact

	Serious.

	Exploitability will vary on application-specific issues.

Description

	There is a slight mistake in the resolver code of libc.

	This will allow an attacker-controlled DNS server to reply
	with a carefully crafted message to (for example) a
	gethostbyname request.
=09
	This reply will trigger the buffer overflow

Solution

	FreeBSD, NetBSD and OpenBSD CVS have been updated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (SunOS)

iD8DBQE9GWfH0jbIKvNgu5MRAthDAKCBd18Ti5TH9Nts5LszRXfVJ+KXOwCfRDx0
rLNudIKentqTZeIXslcTi2c=3D
=3DxNWe
-----END PGP SIGNATURE-----


----- End forwarded message -----

--=20
-- Lubomir Sedlacik <salo@Xtrmntr.org>   ASCII Ribbon campaign against  /"\=
 --
--                  <salo@silcnet.org>   e-mail in gratuitous HTML and  \ /=
 --
--                                       Microsoft proprietary formats   X =
 --
-- PGPkey: http://Xtrmntr.org/salo.pgp                                  / \=
 --
-- Key Fingerprint: DBEC 8BEC 9A90 ECEC 0FEF  716E 59CE B70B 7E3B 70E2     =
 --

--envbJBWh7q8WU6mo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (NetBSD)

iD8DBQE9GlDcWc63C347cOIRArgHAKDv0ep5YWGaCLoT1DWYpKtDMCm7EgCglAvb
zeQFo2z+mKFHGPmHurkiHvY=
=aZDE
-----END PGP SIGNATURE-----

--envbJBWh7q8WU6mo--