cve/CVE-2017-9430.md at 9cc2023bd8dbe0ab8c5f051fa9a43f1e04594987

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.

POC

Reference

https://packetstormsecurity.com/files/142799/DNSTracer-1.8.1-Buffer-Overflow.html
https://www.exploit-db.com/exploits/42115/
https://www.exploit-db.com/exploits/42424/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/andir/nixos-issue-db-example
https://github.com/homjxi0e/CVE-2017-9430
https://github.com/j0lama/Dnstracer-1.9-Fix
https://github.com/migraine-sudo/Exploit-to-DnsTracerv1.9

1.1 KiB Raw Blame History

CVE-2017-9430

Description

POC

Reference

Github

1.1 KiB

Raw Blame History