AntiSniff DNS buffer overflow allows execution of arbitrary code
| antisniff-dns-overflow (4459) |  High Risk |
Description:
The AntiSniff DNS test is vulnerable to a buffer overflow that would allow an attacker to execute arbitrary code by sending a malformed DNS packet to the system running AntiSniff.
Consequences:
Gain Access
Remedy:
Upgrade to version 1.02 or later for Windows, or version 1.1 or later of the Researcher's version, available at the AntiSniff Downloads page on the LOpht Heavy Industries Web site, as listed in the L0pht Research Labs Security Advisory. See References.
References:
- @stake, Inc./L0pht Heavy Industries, Inc. Web site: AntiSniff Download.
- @stake, Inc./L0pht Security Advisory 05/15/00: AntiSniff version 1.01 and Researchers version 1 DNS overflow.
- BID-1207: AntiSniff DNS Overflow Vulnerability
- CVE-2000-0405: Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
- OSVDB ID: 3179: AntiSniff DNS Overflow Remote Code Execution
Platforms Affected:
- @Stake AntiSniff
Reported:
May 15, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this