Computer Security

MyDNS buffer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



MyDNS buffer overflow
Published:28.04.2007
Source:FULL-DISCLOSURE
SecurityVulns ID:7646
Type:remote
Level:5/10
Description:Heap buffer overflow on dynamic DNS update request parsing.
Affected:MYDNS : mydns 1.1
CVE:CVE-2007-2362 (Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.)
Original documentdocumentmu-b, [Full-disclosure] mydns-1.1.0 remote heap overflow (28.04.2007)
Files:mydns remote exploit PoC (x86-lnx)
 mydns update buffer overflow patch
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server