AntiSniff DNS Overflow Vulnerability
TITLE: AntiSniff DNS Overflow Vulnerability
CLASS: Boundary Condition Error
CVE:
REMOTE: Yes
LOCAL: Yes
PUBLISHED: May 16 2000 12:00AM
UPDATE: May 16 2000 12:00AM
CREDIT: This problem was discovered by Hugo Breton (bretonh@pgci.ca) who works for PGCI http://www.pgci.ca and was published by L0pht/@Stake in a vendor advisory 5.15.2000.
VULNERABLE:
@Stake AntiSniff - Researchers Version 1.0
@Stake AntiSniff 1.0.1
NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. It attempts, through a number of tests, to determine if a machine on a local network segment is listening to traffic that is not directed to it (commonly referred to as sniffing). During one particular test there is a problem if a packet that does not adhere to DNS specifications is sent to the AntiSniff machine. This can result in a buffer overflow on the system running AntiSniff. If the packet is crafted appropriately this overflow scenario can be exploited to execute arbitrary code on the system.
This scenario is only possible if AntiSniff is configured to run the DNS test and only during the time the test is running. Nonetheless, it is a vulnerability that should not be ignored and has even been found in other promiscuous mode detection programs as well.
NOTE:
This information was taken verbatim from the L0pht advisory on the subject. This advisory is attached in full in the 'Credit' section of this advisory.
Exploit
exploit available
Solution
Solution:
Immediate Solution:
Do not run the DNS tests on AntiSniff version 1.01 or the Researchers version 1.0. Download the newer version from http://www.l0pht.com/antisniff which are labeled AntiSniff version 1.02 for the commercial instance and AntiSniff version 1-1 for the researchers instance.
@Stake AntiSniff - Researchers Version 1.0
@Stake AntiSniff 1.0.1
References
References:
Keywords for this page:
AntiSniffer (download) (from google) first seen: 2006-03-25 20:06:18
antisniffer download (from google) first seen: 2007-08-01 23:54:39 hit: 15
antisniffer (from google) first seen: 2007-09-04 21:19:37 hit: 4
antisniffer 1 01 (from google) first seen: 2007-09-19 05:15:58 hit: 2
t (from google) first seen: 2007-10-01 14:28:58 hit: 5
@stake antisniff is (from google) first seen: 2007-11-06 21:01:59
download antisniffer (from google) first seen: 2007-11-17 17:38:02 hit: 8
antisniffer l0pht download (from google) first seen: 2007-12-19 21:07:53
antisniff 1 0 (from google) first seen: 2008-03-21 20:02:54
download @stake antisniff (from google) first seen: 2008-03-28 17:48:43
anti-sniffer download (from google) first seen: 2008-03-30 14:20:45
ownload antisniff (from google) first seen: 2008-04-13 18:06:05
l0pht antisniff download 1 02 (from google) first seen: 2008-04-17 13:24:12
antisniff (from google) first seen: 2008-04-19 07:55:46 hit: 2
antisniff download (from google) first seen: 2008-04-25 08:52:19 hit: 19
f (from google) first seen: 2008-04-30 00:28:15 hit: 2
download antisniff (from google) first seen: 2008-05-05 20:11:31 hit: 15
download (from google) first seen: 2008-05-05 22:53:08
download stake antisniff (from google) first seen: 2008-05-07 10:21:05
antisniff 1 0 free download (from google) first seen: 2008-05-11 17:06:16
programas antisniffer (from google) first seen: 2008-05-22 03:27:07
@stake antisniff (from google) first seen: 2008-05-23 18:20:31
lopht antisniffer (from google) first seen: 2008-06-02 18:13:17 hit: 2
dns overflow tester (from google) first seen: 2008-06-03 14:48:28
antisniff 2008 (from google) first seen: 2008-06-06 20:42:14
l0pht antisniff (from google) first seen: 2008-06-07 18:27:58 hit: 4
antisniffer freeware (from google) first seen: 2008-06-09 09:23:20
lopht antisniff (from google) first seen: 2008-06-11 19:57:06 hit: 4
antisniff for windows download (from google) first seen: 2008-06-15 08:30:37
lopht antisniff (from google) first seen: 2008-06-15 15:40:49
antisniff dns exploit (from google) first seen: 2008-06-16 09:24:33
lopht anti-sniffer usage (from google) first seen: 2008-06-25 08:11:52
l0pht anti sniffer (from google) first seen: 2008-06-26 02:11:28 hit: 3
antisniffer free (from google) first seen: 2008-06-26 19:38:14
linux l0pht com download antisniff (from google) first seen: 2008-06-27 01:10:42
antisniff windows (from google) first seen: 2008-06-27 19:01:50 hit: 2
anti-sniff download (from google) first seen: 2008-07-03 15:15:59
download lopht antisniff (from google) first seen: 2008-07-12 08:00:13 hit: 3
anti sniffer (from google) first seen: 2008-07-14 16:50:36
antisniffer freeware (from google) first seen: 2008-07-15 22:50:26
free download antisniff full (from google) first seen: 2008-07-16 09:40:56
download l0pht antisniff (from google) first seen: 2008-07-18 04:03:02
download lopht (from google) first seen: 2008-07-18 18:05:00 hit: 3
dns vulnerability exploit 2008 (from google) first seen: 2008-07-22 20:13:42
anti sniffer download (from google) first seen: 2008-07-25 23:23:47 hit: 2
antisniff freeware (from google) first seen: 2008-07-29 11:16:48 hit: 3
l0pht antisniff tool download (from google) first seen: 2008-07-29 13:52:47
antisniffer para linux (from google) first seen: 2008-08-04 02:16:22
www bnlug org (from google) first seen: 2008-08-10 22:19:22 hit: 2
free anti sniff download (from google) first seen: 2008-08-14 19:02:32
antisniff linux download (from google) first seen: 2008-08-14 22:20:46
l0pht antisniff software download (from google) first seen: 2008-08-16 15:47:54
antisniff full (from google) first seen: 2008-08-23 22:55:25
antisniff tool free download (from google) first seen: 2008-08-24 15:08:33
antisniff download 1 01 (from google) first seen: 2008-09-05 18:40:56
antisniffer linux (from google) first seen: 2008-09-05 19:33:35 hit: 2
antisniff linux (from google) first seen: 2008-09-06 07:14:05 hit: 2
antisniffer in linux (from google) first seen: 2008-09-07 16:32:13
antisniff software (from google) first seen: 2008-09-10 15:33:30
dns overflow (from google) first seen: 2008-09-12 09:32:06
antisniff 1 02 download (from google) first seen: 2008-09-19 04:44:59
anti-sniffer for linux (from google) first seen: 2008-10-01 09:12:53
lopht antisniff download (from google) first seen: 2008-10-01 19:45:07
anti sniff free download (from google) first seen: 2008-10-01 21:20:47
dns test for anti sniffer (from google) first seen: 2008-10-06 15:40:25
dns test on anti sniffer (from google) first seen: 2008-10-06 15:53:36
dns test on antisniff (from google) first seen: 2008-10-07 00:14:08
free download antisniff (from google) first seen: 2008-10-08 06:52:21
antisniff download windows (from google) first seen: 2008-10-12 16:53:31
antisniff blog (from google) first seen: 2008-10-17 15:39:06
l0pht download (from google) first seen: 2008-10-21 14:39:23
download antisniff 1 02 (from google) first seen: 2008-10-21 22:16:21
lopht anti sniffer (from google) first seen: 2008-10-26 13:53:04
dns detection method in anti sniffer (from google) first seen: 2008-10-29 18:15:42
anti sniffer free dowload (from google) first seen: 2008-11-19 17:28:55
GoogleBot visited this page on: 2008-11-16 21:06:14