Re: FreeBSD Security Advisory FreeBSD-SA-08:02.libc
At 12:22 AM 1/15/2008, Mark Andrews wrote:
> >
> > For the "usual suspects" of applications running, (e.g. sendmail,
> > apache, BIND etc) would it be possible to pass crafted packets
> > through to this function remotely via those apps ? ie how easy
> is this to do
> > ?
>
> The usual suspects don't call inet_network().
> route calls inet_network() but not routed doesn't.
Thanks to all who responded so far! I had a look at some of the
ports I am using and so far all I found was
find . -name "*.c" | xargs grep inet_network
../apache13-modssl/work/apache_1.3.33/src/modules/proxy/proxy_util.c:
if (host[i] == '\0' && (ap_inet_addr(host) == -1 || inet_network(host) == -1))
---Mike
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 5 之 6 篇):