Iodine DNS Response Stack Buffer Overflow Vulnerability
BID:20883
Info
Iodine DNS Response Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 20883 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 02 2006 12:00AM |
| Updated: | Nov 08 2006 10:41PM |
| Credit: | poplix disclosed this vulnerability. |
| Vulnerable: |
Kryo iodine 0.3.2 |
| Not Vulnerable: |
Kryo iodine 0.3.3 |
Discussion
Iodine DNS Response Stack Buffer Overflow Vulnerability
IoDine is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of-service conditions.
IoDine version 0.3.2 is vulnerable.
IoDine is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of-service conditions.
IoDine version 0.3.2 is vulnerable.
Exploit / POC
Iodine DNS Response Stack Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Iodine DNS Response Stack Buffer Overflow Vulnerability
Solution:
The vendor has released an update to address this issue. Please see the references for more information.
Solution:
The vendor has released an update to address this issue. Please see the references for more information.
References
Iodine DNS Response Stack Buffer Overflow Vulnerability
References:
References: