[17403] in bugtraq
Re: old version of host command vulnearbility
daemon@ATHENA.MIT.EDU (Marco d'Itri)
Mon Oct 30 00:58:02 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20001027223453.B5346@wonderland.linux.it>
Date: Fri, 27 Oct 2000 22:34:53 +0200
Reply-To: "Marco d'Itri" <md@LINUX.IT>
From: "Marco d'Itri" <md@LINUX.IT>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20001027201151.E26852@antiz.marmoc.net>; from
antirez@LINUXCARE.COM on Fri, Oct 27, 2000 at 08:11:55PM +0200
On Oct 27, antirez <antirez@LINUXCARE.COM> wrote:
>Old versions of the 'host' command, contain
>an exploitable buffer overflow. Sorry if this
>is already known, it seems an old problem
>but I failed searching it in the bugtraq archives.
I discovered the bug in january (maybe february?) and reported it to
the author. He fixed it in the next release, but I don't think this
vulnerability was ever announced, at least on BUGTRAQ.
--
ciao,
Marco
