Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2017-9430

Published: 05/06/2017 Updated: 12/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 761
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Dnstracer

Vulnerability Summary

Stack-based buffer overflow in dnstracer up to and including 1.9 allows malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dnstracer project dnstracer

Exploits

Exploit DB: DNSTracer 1.9 - Local Buffer Overflow
# Exploit Title: DNSTracer 19 - Buffer Overflow # Google Dork: [if applicable] # Date: 03-08-2017 # Exploit Author: j0lama # Vendor Homepage: wwwmavetjuorg/unix/dnstracerphp # Software Link: wwwmavetjuorg/download/dnstracer-19targz # Version: 19 # Tested on: Ubuntu 1204 # CVE : CVE-2017-9430 # Bug report: wwwexploi ...
Exploit DB: DNSTracer 1.8.1 - Buffer Overflow (PoC)
################ #Exploit Title: DNSTracer Stack-based Buffer Overflow #CVE: CVE-2017-9430 #CWE: CWE-119 #Exploit Author: Hosein Askari (FarazPajohan) #Vendor HomePage: wwwmavetjuorg #Version : 181 #Tested on: Parrot OS #Date: 04-06-2017 #Category: Application #Author Mail : hoseinaskari@aolcom #Description: Stack-based buffer overflo ...
Exploit DB: DNSTracer 1.8.1 Buffer Overflow
DNSTracer version 181 suffers from a buffer overflow vulnerability ...
Exploit DB: DNSTracer 1.9 Buffer Overflow
DNSTracer version 19 suffers from a buffer overflow vulnerability ...

Github Repositories

https://github.com/migraine-sudo/Exploit-to-DnsTracerv1.9

One Exploit to DnsTracerv1.9

Exploit-to-DnsTracer v19 One Exploit to DnsTracerv19 BufferOverflow CVE-2017-9430 wwwexploit-dbcom/exploits/42424 Download $ wget wwwmavetjuorg/download/dnstracer-19targz $ tar zxvf dnstracer-19targz $ cd dnstracer-19 $ /confugure $ make && sudo make install $vim Makefile CFLAGS = -g -O2 -m32 -fno-stack-protector -Wl,-zexecstack -D_F

https://github.com/j0lama/Dnstracer-1.9-Fix

CVE-2017-9430 Fix

Dnstracer-19-Fix dnstracer dnstracer determines where a given Domain Name Server (DNS) gets its information from for a given hostname, and follows the chain of DNS servers back to the authoritative answer Problem Stack-based buffer overflow in dnstracer through 19 allows attackers to execute arbitrary code via a command line with a long name argument that is mishandled in a

https://github.com/homjxi0e/CVE-2017-9430

i,am Gihad from Libya !! DNSTracer-181---Buffer-Overflow CVE-2017-9430 What Stack-based buffer overflow in dnstracer through 19 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0] An example threat model is a web application t

References

CWE-119https://cxsecurity.com/issue/WLB-2017060030https://www.exploit-db.com/exploits/42115/https://packetstormsecurity.com/files/142799/DNSTracer-1.8.1-Buffer-Overflow.htmlhttps://www.exploit-db.com/exploits/42424/https://nvd.nist.govhttps://github.com/migraine-sudo/Exploit-to-DnsTracerv1.9https://www.exploit-db.com/exploits/42424/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook