[Full-disclosure] [iputils] Integer overflow in iputils ping/ping6 tools
djahandarie at gmail.com
Tue Mar 13 22:30:50 GMT 2012
On Tue, Mar 13, 2012 at 18:17, Marcus Meissner <meissner at suse.de> wrote:
> How is this different from writing a fork bomb?
I could imagine applications which accept ping interval and do not
filter it. That's a class of application which would not be affected
by a fork bomb (since they do not allow execution of arbitrary
commands), but would be affect by this (as long as the user is allowed
to alter the ping interval).
But yes, it seems like a fairly small affected class of applications.
Fun hole though, and no sense in leaving it unpatched.
Full-Disclosure is hosted and sponsored by Secunia.