9.8
CVSSv3

CVE-2017-9430

Published: 05/06/2017 Updated: 21/11/2024

Vulnerability Summary

Stack-based buffer overflow in dnstracer up to and including 1.9 allows malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dnstracer project dnstracer

Exploits

# Exploit Title: DNSTracer 19 - Buffer Overflow # Google Dork: [if applicable] # Date: 03-08-2017 # Exploit Author: j0lama # Vendor Homepage: wwwmavetjuorg/unix/dnstracerphp # Software Link: wwwmavetjuorg/download/dnstracer-19targz # Version: 19 # Tested on: Ubuntu 1204 # CVE : CVE-2017-9430 # Bug report: wwwexploi ...
################ #Exploit Title: DNSTracer Stack-based Buffer Overflow #CVE: CVE-2017-9430 #CWE: CWE-119 #Exploit Author: Hosein Askari (FarazPajohan) #Vendor HomePage: wwwmavetjuorg #Version : 181 #Tested on: Parrot OS #Date: 04-06-2017 #Category: Application #Author Mail : hoseinaskari@aolcom #Description: Stack-based buffer overflo ...
DNSTracer version 181 suffers from a buffer overflow vulnerability ...
DNSTracer version 19 suffers from a buffer overflow vulnerability ...

Github Repositories

One Exploit to DnsTracerv1.9

Exploit-to-DnsTracer v19 One Exploit to DnsTracerv19 BufferOverflow CVE-2017-9430 wwwexploit-dbcom/exploits/42424 Download $ wget wwwmavetjuorg/download/dnstracer-19targz $ tar zxvf dnstracer-19targz $ cd dnstracer-19 $ /confugure $ make && sudo make install $vim Makefile CFLAGS = -g -O2 -m32 -fno-stack-protector -Wl,-zexecstack -D_F

i,am Gihad from Libya !! DNSTracer-181---Buffer-Overflow CVE-2017-9430 What Stack-based buffer overflow in dnstracer through 19 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0] An example threat model is a web application t

CVE-2017-9430 Fix

Dnstracer-19-Fix dnstracer dnstracer determines where a given Domain Name Server (DNS) gets its information from for a given hostname, and follows the chain of DNS servers back to the authoritative answer Problem Stack-based buffer overflow in dnstracer through 19 allows attackers to execute arbitrary code via a command line with a long name argument that is mishandled in a