UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability
BID:1591
Info
UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability
| Bugtraq ID: | 1591 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Aug 20 2000 12:00AM |
| Updated: | Aug 20 2000 12:00AM |
| Credit: | Posted to Bugtraq on August 20, 2000 by Chris Sharp <[email protected]>. |
| Vulnerable: |
University of Minnesota gopherd 2.3.1 p0 |
| Not Vulnerable: | |
Discussion
UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability
It is possible to either execute arbitrary code or crash a remote system running University of Minnesota's Gopher Daemon, depending on the data entered. An unchecked buffer exists in the 'halidate' function of Gopherd, where the 512 byte buffer can be overwritten with approximately 600 bytes of data.
It is possible to either execute arbitrary code or crash a remote system running University of Minnesota's Gopher Daemon, depending on the data entered. An unchecked buffer exists in the 'halidate' function of Gopherd, where the 512 byte buffer can be overwritten with approximately 600 bytes of data.
Exploit / POC
UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability
Chris Sharp <[email protected]> has released the following exploit:
Chris Sharp <[email protected]> has released the following exploit:
Solution / Fix
UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability
References:
References: