[10698] in bugtraq
Re: weaknesses in dns label decoding,
daemon@ATHENA.MIT.EDU (Dag-Erling Smorgrav)
Wed Jun 2 16:33:04 1999
Message-Id: <xzpwvxmv3uy.fsf@hrotti.ifi.uio.no>
Date: Wed, 2 Jun 1999 20:45:09 +0200
Reply-To: Dag-Erling Smorgrav <des@IFI.UIO.NO>
From: Dag-Erling Smorgrav <des@IFI.UIO.NO>
X-To: bobk <bobk@SINISTER.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: bobk's message of "Mon, 31 May 1999 17:49:53 -0400"
bobk <bobk@SINISTER.COM> writes:
> Imagine what could happen if some program did a strcmp() on the following
> name:
>
> rs.internic.net\0.xa.net
>
> where, of course, \0 is a null
>
> Interested readers may ponder what type of programs may be exploited with
> this type of attack.
Any .rhosts consumer. Xhost. Amanda (.amandahosts). Lpd (lpd.allow).
What did I win?
DES
--
Dag-Erling Smorgrav - des@ifi.uio.no
