Code Red : Stack Smash in bind 9.3.3
Neil Kettle
mu-b at 65535.com
Fri Jan 12 11:50:55 UTC 2007
hmmm, it is rather interesting that you should say that as I do know
that there exists a bind9.x remote root 0day exploit. However, I do not
have a copy nor know where the vulnerability is, but can definitely
confirm that an exploit exists.
Do you have a more detailed stack trace?, I have been performing an audit
of the bind9 sources and found a couple of issues, one off-by-one in named
(that may be reachable, but appears non-exploitable) and another complete
smash that is totally unexploitable.
--
---------------------------------------------------------------------------
mu-b
More information about the bind-users
mailing list