Test case 1309

Cves: CVE-2002-0906
Type: source code
Pairs: 1310-v1.0.0
State: bad
Author: MIT
Status: candidate
Language: C
Submission Date: 09 Feb 2006

Description

TXT Record Overflow: CVE-2002-0906.
From MIT benchmarks (models/sendmail/s7)
A buffer overflow poses the risk of a denial of service attack or possibly
execution of arbitrary code via a malicious DNS server.
Bad file: txt-dns-file-bad.c
Bad line number: 328, 330
Taxonomy Classification: 0001345202004

Flaws

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Test Suites

Testing Exploitable Buffer Overflows From Open Source Code

Have any comments on this test case? Please, send us an email.