Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[Advisory] $ -Thu Mar 16 14:06:15 EST 2006- $ Integer Overflow in ISC OpenReg

From: apexpoizen () Safe-mail net
Date: Thu, 16 Mar 2006 19:06:19 +0000 (GMT)



[Advisory] $ -Thu Mar 16 14:06:15 EST 2006- $ Integer Overflow in ISC OpenReg




======================================================
o/ 卍 Description
ISC OpenReg incorrectly parses integer data, and this can be used to execute arbitrary code.

======================================================
卍 \o History
2-28-2006 o/ Vendor Notification.
1-22-2006 o/ Vendor Reply.
3-16-2006 o/ Public Disclosure.
======================================================
Appendix A Vendor Information
http://www.isc.org/index.pl?/sw/openreg/

======================================================
Appendix B References
RFC 3847

======================================================
Contact
apexpoizen () Safe-mail net apexpoizen () Safe-mail net

GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA CAP SSCP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: