mtr split.c文件远程栈溢出漏洞

BUGTRAQ ID: 29290 mtr是结合了traceroute和ping程序的网络诊断工具。 mtr的split.c文件的splitredraw函数在处理特制的主机名时存在栈溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 以下是有漏洞部分的代码段： "split.c" define MAXLINESIZE 256 void splitredrawvoid int max; int at; ipt addr; char name; char newLineMAXLINESIZE; int i; ... forat = 0; at max; at++ addr = netaddra...

CVE-2008-2357

Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...