Posadis log_print() Remote Overflow

2002-04-11T00:00:00
ID OSVDB:3517
Type osvdb
Reporter OSVDB
Modified 2002-04-11T00:00:00

Description

Vulnerability Description

Posadis DNS Server contains a flaw that allows a remote attacker to crash the service and possibly execute arbitrary code. The issue is due to improper bounds checking of the log_print() function resulting in a buffer overflow condition.

Solution Description

Upgrade to version 0.50.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Posadis DNS Server contains a flaw that allows a remote attacker to crash the service and possibly execute arbitrary code. The issue is due to improper bounds checking of the log_print() function resulting in a buffer overflow condition.

References:

Vendor URL: http://www.posadis.org/ Related OSVDB ID: 3516 Other Advisory URL: http://www.netric.org/advisories/netric-adv005.txt ISS X-Force ID: 10830