Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string. References: https://cxsecurity.com/issue/WLB-2017060030 https://www.exploit-db.com/exploits/42115/
Created dnstracer tracking bugs for this issue: Affects: epel-6 [bug 1458796] Affects: fedora-all [bug 1458795]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.