National Institute of Standards and Technology
Package illustrating a test case

Test case 1290


nslookupComplain vulnerability: CA-2001-02.
Patched version.
From MIT benchmarks (models/bind/b4)
Unchecked sprintf call. An attacker may be able to construct a long query that
overflows the stack buffer and overwrites the return address of
nslookupComplain with the address of the attacker"s shell code.
Patched file: ns-lookup-ok.c
Patched line number: 140, 154


Test Suites

Have any comments on this test case? Please, send us an email.