Dns2tcp Multiple Remote Buffer Overflow Vulnerabilities
BID:31080
Info
Dns2tcp Multiple Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 31080 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2008-3910 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 09 2008 12:00AM |
| Updated: | Sep 10 2008 08:31PM |
| Credit: | These issues were disclosed by the vendor. |
| Vulnerable: |
Herve Schauer Consultants (HSC) Dns2tcp 0.4 |
| Not Vulnerable: |
Herve Schauer Consultants (HSC) Dns2tcp 0.4.1 |
Discussion
Dns2tcp Multiple Remote Buffer Overflow Vulnerabilities
Dns2tcp is prone to multiple remote buffer-overflow vulnerabilities because it fails to properly validate user-supplied input.
A remote attacker can exploit these issues to crash the application, denying service to legitimate users. Given the nature of these issues, attackers may also be able to run arbitrary code, but this has not been confirmed.
Versions prior to Dns2tcp 0.4.1 are vulnerable.
Dns2tcp is prone to multiple remote buffer-overflow vulnerabilities because it fails to properly validate user-supplied input.
A remote attacker can exploit these issues to crash the application, denying service to legitimate users. Given the nature of these issues, attackers may also be able to run arbitrary code, but this has not been confirmed.
Versions prior to Dns2tcp 0.4.1 are vulnerable.
Exploit / POC
Dns2tcp Multiple Remote Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Dns2tcp Multiple Remote Buffer Overflow Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Herve Schauer Consultants (HSC) Dns2tcp 0.4
Solution:
Updates are available. Please see the references for more information.
Herve Schauer Consultants (HSC) Dns2tcp 0.4
-
Herve Schauer Consultants (HSC) dns2tcp-0.4.1.tar.gz
http://www.hsc.fr/ressources/outils/dns2tcp/download/dns2tcp-0.4.1.tar .gz
References
Dns2tcp Multiple Remote Buffer Overflow Vulnerabilities
References:
References:
- Dns2tcp Homepage (Herve Schauer Consultants)