RedHat Linux ping Buffer Overflow Vulnerability
BID:1813
Info
RedHat Linux ping Buffer Overflow Vulnerability
| Bugtraq ID: | 1813 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2000-1214 |
| Remote: | No |
| Local: | Yes |
| Published: | Oct 18 2000 12:00AM |
| Updated: | Jul 11 2009 03:56AM |
| Credit: | This was first published in RedHat advisory RHSA-2000:087-02 on October 18, 2000. |
| Vulnerable: |
Wirex Immunix OS 6.2 Redhat Linux 7.0 Redhat Linux 6.2 sparc Redhat Linux 6.2 i386 Redhat Linux 6.2 alpha Redhat iputils-20000418-6.i386.rpm Redhat iputils-20000121-2.i386.rpm |
| Not Vulnerable: | |
Discussion
RedHat Linux ping Buffer Overflow Vulnerability
ping is a network diagnostic tool shipped with almost every operating system. On unix/linux systems it is usually installed setuid root because it needs to open a raw socket (to send and recieve ICMP messages). The version of ping that ships with RedHat Linux (and quite possibly, though uncomfirmed, others) is vulnerable to a buffer overflow attack. The exact techincal details are not known at this time. It is reported that the overflow involves a static variable, 'buf', though it has not verified whether this this exploitable or not. It is likely that this is non-exploitable.
ping is a network diagnostic tool shipped with almost every operating system. On unix/linux systems it is usually installed setuid root because it needs to open a raw socket (to send and recieve ICMP messages). The version of ping that ships with RedHat Linux (and quite possibly, though uncomfirmed, others) is vulnerable to a buffer overflow attack. The exact techincal details are not known at this time. It is reported that the overflow involves a static variable, 'buf', though it has not verified whether this this exploitable or not. It is likely that this is non-exploitable.
Exploit / POC
RedHat Linux ping Buffer Overflow Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].