Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities
Przemyslaw Frasunek napisał(a):
> Another vulnerability is heap corruption after malformed -s argument:
I've forgotten to provide an example:
atari:root:/home/venglin# traceroute -s 1.1.1.1. 127.0.0.1
traceroute: 4.0.0.0 is an invalid IPv4 source address
Segmentation fault (core dumped)
--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE *
* JID: venglin@xxxxxxxxxxxxxxx ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV *