FreeBSD Security Advisory FreeBSD-SA-08:02.libc
Gregory Shapiro
gshapiro at freebsd.org
Mon Jan 14 21:25:16 PST 2008
>> Topic: inet_network() buffer overflow
>
> For the "usual suspects" of applications running, (e.g. sendmail, apache,
> BIND etc) would it be possible to pass crafted packets through to this
> function remotely via those apps ? ie how easy is this to do ?
Speaking solely for sendmail, this issue does not appear to impact
sendmail or any utilities/libraries in the sendmail distribution.
Nothing in the sendmail distribution calls inet_network() or getnet*()
(which appears to use inet_network() in libc).
More information about the freebsd-security
mailing list