AntiSniff DNS Overflow Remote Code Execution

2000-05-15T00:00:00
ID OSVDB:3179
Type osvdb
Reporter OSVDB
Modified 2000-05-15T00:00:00

Description

Vulnerability Description

AntiSniff contains a flaw that allows a remote attacker to execute arbitrary code on a vulnerable host. The flaw is due to one of the tests performed not properly validating input on incoming packets. A carefully crafted packet that does not adhere to DNS specifications can trigger a remote overflow and allow arbitrary code to be executed.

Solution Description

Upgrade to version 1.02 or higher, as it has been reported to fix this vulnerability. Users may also install the vendor provided patch that mitigates this vulnerability.

Short Description

AntiSniff contains a flaw that allows a remote attacker to execute arbitrary code on a vulnerable host. The flaw is due to one of the tests performed not properly validating input on incoming packets. A carefully crafted packet that does not adhere to DNS specifications can trigger a remote overflow and allow arbitrary code to be executed.

References:

Other Advisory URL: http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0106.html ISS X-Force ID: 4459 CVE-2000-0405 Bugtraq ID: 1207