AOH :: HP Unsorted I :: B06-5551.HTM

iodine client 0.3.2 buffer overflow



iodine client 0.3.2 buffer overflow
iodine client 0.3.2 buffer overflow



hi,
iodine client 0.3.2, available at http://code.kryo.se/iodine/ , suffers from a stack-based buffer overflow vulnerability which could result in the execution of arbitrary code. 
A specially crafted dns response sent through an UDP packet can be used to exploit this issue.

cheers
-p

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.