Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- From: Gregory Shapiro <gshapiro@xxxxxxxxxxx>
- Date: Mon, 14 Jan 2008 21:07:45 -0800
Topic: inet_network() buffer overflow
For the "usual suspects" of applications running, (e.g. sendmail, apache,
BIND etc) would it be possible to pass crafted packets through to this
function remotely via those apps ? ie how easy is this to do ?
Speaking solely for sendmail, this issue does not appear to impact
sendmail or any utilities/libraries in the sendmail distribution.
Nothing in the sendmail distribution calls inet_network() or getnet*()
(which appears to use inet_network() in libc).
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- From: FreeBSD Security Advisories
- Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- From: Mike Tancsa
- FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Prev by Date: Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Next by Date: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Previous by thread: Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Next by thread: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:02.libc
- Index(es):
Relevant Pages
|
|
