Bugtraq mailing list archives

Re: Nanog traceroute format string exploit.

From: Ryan Mansager <rmger () nrez net>
Date: Tue, 23 Jul 2002 16:01:36 -0700


----- Forwarded message from Ehud gavron <gavron () wetwork net> -----

From: Ehud gavron <gavron () wetwork net>
Subject: New NANOG traceroute (fixes -T compromise)
To: nanog () merit edu
Date: Tue, 23 Jul 2002 15:03:34 -0700
Organization: WetWork


The new NANOG traceroute (also known as TrACESroute)
is now available.  It fixes the latest "security" compromise
detailed on Bugtraq and on SUSE security focus at
http://online.securityfocus.com/advisories/2740

Ehud Gavron
gavron () wetwork net

Directory:
ftp://ftp.login.com/pub/software/traceroute/beta/

Code:
ftp://ftp.login.com/pub/software/traceroute/beta/traceroute.c

Directions:
ftp://ftp.login.com/pub/software/traceroute/beta/0_readme.txt

Current thread:

Nanog traceroute format string exploit. SpaceWalker (Jul 22)
- Re: Nanog traceroute format string exploit. Ryan Mansager (Jul 23)
- Re: Nanog traceroute format string exploit. Olaf Kirch (Jul 24)