National Institute of Standards and Technology
Package illustrating a test case

Test case 1289

Description

nslookupComplain vulnerability: CA-2001-02.
From MIT benchmarks (models/bind/b4)
Unchecked sprintf call. An attacker may be able to construct a long query that
overflows the stack buffer and overwrites the return address of
nslookupComplain with the address of the attacker"s shell code.
Bad file: ns-lookup-bad.c
Bad line number: 145, 161.
Taxonomy Classification : 0000306201004

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.