Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- From: Mike Tancsa <mike@xxxxxxxxxx>
- Date: Tue, 15 Jan 2008 00:53:25 -0500
At 12:22 AM 1/15/2008, Mark Andrews wrote:
>
> For the "usual suspects" of applications running, (e.g. sendmail,
> apache, BIND etc) would it be possible to pass crafted packets
> through to this function remotely via those apps ? ie how easy is this to do
> ?
The usual suspects don't call inet_network().
route calls inet_network() but not routed doesn't.
Thanks to all who responded so far! I had a look at some of the ports I am using and so far all I found was
find . -name "*.c" | xargs grep inet_network
./apache13-modssl/work/apache_1.3.33/src/modules/proxy/proxy_util.c: if (host[i] == '\0' && (ap_inet_addr(host) == -1 || inet_network(host) == -1))
---Mike
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- From: Mike Tancsa
- Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- From: Mark Andrews
- Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Prev by Date: Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Next by Date: Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Previous by thread: Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Next by thread: Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Index(es):
Relevant Pages
|
|
