Posadis DNS服务程序存在格式字符串漏洞 CVE-2002-0501 CNNVD-200208-123

7.2 AV AC AU C I A
发布: 2002-08-12
修订: 2008-09-05

Posadis是一款开放源代码的无缓冲DNS服务程序,设计目标是方便使用和配置,运行在Linux、Unix、Microsoft操作系统下。 Posadis在日志函数中存在格式字符串漏洞,可导致攻击者利用此漏洞执行任意代码或者进行拒绝服务攻击。 问题存在于log.cpp的日志函数上: --- void log_print(message_log_level log_level, char *logmsg, ...) { char buff[4096]; long tsecs; struct tm *tstruct; va_list args; /* compile buffer */ tsecs = time(NULL); tstruct = localtime(&tsecs); sprintf(buff, \"\\%04d/\\%02d/\\%02d \\%02d:\\%02d|\", tstruct->tm_year + 1900, tstruct->tm_mon + 1, tstruct->tm_mday, tstruct->tm_hour, tstruct->tm_min); switch (log_level) { case LOG_LEVEL_INFO: strcat(buff, \"INFO: \"); break; case LOG_LEVEL_WARNING: strcat(buff, \"WARNING: \"); break; case LOG_LEVEL_ERROR: strcat(buff, \"ERROR: \"); break; case LOG_LEVEL_PANIC: strcat(buff, \"PANIC: \"); break; } va_start(args, logmsg); vsprintf(&buff[strlen(buff)], logmsg, args); va_end(args); strcat(buff, \"\n\"); /* and print it to various targets */ if (!no_stdout_log) printf(buff); <-- heh if (logfile) fprintf(logfile, buff); <-- heh #ifdef _WIN32...

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息