[Repost] NetCat Remote Critical Vulnerability (PoC inside)
Source: securityfocus
Product: Netcat - nc11nt.zip
Vendor Url: http://www.securityfocus.com/tools/139/scoreit
Version: Netcat v1.1
Vulnerability: Remote stack overflow in the DNS control part
Release Date: 26 December, 2004
Vendor Status:
Informed on 10 November 2004
Response: 11 November 2004
No fix
Overview:
The program 'netcat' is an advanced form of the Telnet command when used in
a hacker's hands. Netcat is a simple Unix utility which reads
and writes data across network connections, using TCP or UDP protocol. It is
designed to be a reliable "back-end" tool that can be used
directly or easily driven by other programs and scripts. At the same time,
it can also be used as a network debugging and exploration tool,
since it can create almost any kind of connection you would need and has
several interesting built-in capabilities.
Standard input is normally sent to the host, and anything that comes back
across the connection is sent to standard output.
This continues indefinitely, until the network side of the connection shuts
down.
Netcat can also function as a server, by listening for inbound connections
on arbitrary ports and then doing the same reading and writing.
Problem:
1. Stack based Buffer Overflow:
Due to a boundary check bug in the DNS part, sending a client command with
more than 256 bytes will cause a stack buffer overflow.
This vulnerability can compromise several tools that work without a port
listener of their own, such as the "uw-imapd" set of tools
(www.washington.edu/imap/) when loaded with netcat; this has been tested
and found vulnerable.
Read the PoC code if you need more information on this vulnerability.
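For reference, a bounded way to accept a peer-supplied name before it reaches a DNS lookup, given as an added example and not taken from netcat's source or from the PoC. The helper name copy_name_checked and the NAME_BUF size are assumptions; the size mirrors the 256-byte limit stated above, and the input strings are constructed samples.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 256  /* assumed size, mirroring the advisory's 256-byte limit */

/* Hypothetical helper: copy srclen bytes of a peer-supplied name into a
 * fixed buffer. Returns 0 on success, -1 if the input is rejected.
 * dst is always left NUL-terminated. */
int copy_name_checked(char dst[NAME_BUF], const char *src, size_t srclen)
{
    size_t i, label = 0;

    dst[0] = '\0';
    /* Strip trailing CR/LF as sent by line-based clients. */
    while (srclen > 0 && (src[srclen - 1] == '\n' || src[srclen - 1] == '\r'))
        srclen--;
    /* Reject rather than truncate: empty input, or input longer than a
     * DNS name (253 bytes), which also keeps it below the buffer size. */
    if (srclen == 0 || srclen > 253 || srclen >= NAME_BUF)
        return -1;
    for (i = 0; i < srclen; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c == '.') {
            if (label == 0)
                return -1;               /* empty label, e.g. "a..b" */
            label = 0;
            continue;
        }
        /* Letters, digits and '-' only; a label is at most 63 bytes. */
        if (!((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
              (c >= '0' && c <= '9') || c == '-') || ++label > 63)
            return -1;
    }
    memcpy(dst, src, srclen);            /* srclen < NAME_BUF checked above */
    dst[srclen] = '\0';
    return 0;
}

int main(void)
{
    char buf[NAME_BUF], big[300];        /* constructed sample inputs */
    memset(big, 'A', sizeof big);
    printf("short name: %d\n", copy_name_checked(buf, "mail.example.org\r\n", 18));
    printf("300 bytes:  %d\n", copy_name_checked(buf, big, sizeof big));
    return 0;
}
```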
Discovery and Proof Of Concept Exploit by class101 (class101_at_hat-squad.com)
Greetings to Nima Majidi and Behrang Fouladi!
-=Hat-Squad.com=-
----------------------
Exploit:
http://www.eviloctal.com/forum/read.php?tid=6108