dnsmasq <2.21 off-by-one

From: Alex (alex00882007_at_gmail.com)
Date: 03/29/05


Date: Tue, 29 Mar 2005 10:53:42 -0500
To: vuln-dev@securityfocus.com

Yesterday I claimed the off-by-one vulnerability is not remotely
exploitable. It is. Anyone that leases from dnsmasq can take advantage
of two off-by-ones. Then when the lease file is read dnsmasq may
crash.