Computer Security
[EN] securityvulns.ru no-pyccku


dproxy DNS proxy buffer overflow
updated since 23.03.2007
Published:31.03.2007
Source:
SecurityVulns ID:7455
Type:remote
Threat Level:
6/10
Description:Buffer overflow on oversized DNS request UDP packet (UDP/53).
Affected:DPROXY : dproxy 0.5
 DPROXY : dproxy-nexgen
CVE:CVE-2007-1866 (Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465.)
 CVE-2007-1465 (Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 allows remote attackers to execute arbitrary code via a long DNS query packet to UDP port 53.)
Original documentdocumentmu-b, [Full-disclosure] dproxy-nexgen remote (31.03.2007)
 documentAlexander Klink, [Full-disclosure] dproxy - arbitrary code execution through stack buffer overflow vulnerability (23.03.2007)
Files:MetaSploit exploit for remote buffer overflow issue in dproxy
 dproxy-nexgen remote root exploit (x86-lnx)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod