Описание
Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| inetutils | not-affected | package | ||
| atftp | not-affected | package | ||
| netkit-tftp | not-affected | package | ||
| tftp-hpa | not-affected | package |
Примечания
The address length comes from libc, not the network.
Связанные уязвимости
nvd
около 21 года назад
Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.
github
почти 4 года назад
Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.