[#1561] SIGSEGV when forging IP packets

Date: 2010-08-22 08:16
Priority: 3
State: Open
Submitted by: Vlatko Kosturjak (kost)
Assigned to: Nobody (None)
Architecture: 32 bits
Product: OpenVAS
Operating System: Linux
Component: openvas-scanner
Version: None
Severity: major
Resolution: None
Hardware: PC
URL:
Summary: SIGSEGV when forging IP packets

Detailed description
SVN trunk version (r8873)



# openvas-nasl -X -t 192.168.9.10 portscan-tcp-syn-simple.nasl

This portscanner is EXPERIMENTAL and you should NOT RELY ON it if you don't know what you're doing. If you are sure what you're doing - you should turn on experimental_scripts option in preferences in order to turn off this warning.

[26641] plug_set_key:internal_send(0)['1 SentData/(null)/LOG=This portscanner is EXPERIMENTAL and you should NOT RELY ON it if you don't know what you're doing. If you are sure what you're doing - you should turn on experimental_scripts option in preferences in order to turn off this warning.;

']: Socket operation on non-socket

[26641] plug_set_key:internal_send(0)['3 Success/(null)=1;

']: Socket operation on non-socket

Segmentation fault



# gdb openvas-nasl

GNU gdb (GDB) 7.1-ubuntu

Copyright (C) 2010 Free Software Foundation, Inc.

License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law. Type "show copying"

and "show warranty" for details.

This GDB was configured as "i486-linux-gnu".

For bug reporting instructions, please see:

<http://www.gnu.org/software/gdb/bugs/>...

Reading symbols from /opt/openvas-svn-2010-08-20/bin/openvas-nasl...done.

(gdb) r -X -t 192.168.9.5 portscan-tcp-syn-simple.nasl

Starting program: /opt/openvas-svn-2010-08-20/bin/openvas-nasl -X -t 192.168.9.5 portscan-tcp-syn-simple.nasl

This portscanner is EXPERIMENTAL and you should NOT RELY ON it if you don't know what you're doing. If you are sure what you're doing - you should turn on experimental_scripts option in preferences in order to turn off this warning.

[26938] plug_set_key:internal_send(0)['1 SentData/(null)/LOG=This portscanner is EXPERIMENTAL and you should NOT RELY ON it if you don't know what you're doing. If you are sure what you're doing - you should turn on experimental_scripts option in preferences in order to turn off this warning.;

']: Socket operation on non-socket

[26938] plug_set_key:internal_send(0)['3 Success/(null)=1;

']: Socket operation on non-socket



Program received signal SIGSEGV, Segmentation fault.

0x0025c394 in v6_getinterfaces (howmany=0xbfffe648) at /tmp/openvas-trunk/openvas-libraries/misc/pcap.c:685

685 family = ifa->ifa_addr->sa_family;

(gdb) bt

#0 0x0025c394 in v6_getinterfaces (howmany=0xbfffe648) at /tmp/openvas-trunk/openvas-libraries/misc/pcap.c:685

#1 0x0025bd43 in v6_ipaddr2devname (dev=0xbfffe68c "\250\005\375\267\071\036\022", sz=128, addr=0x80a89e8)

at /tmp/openvas-trunk/openvas-libraries/misc/pcap.c:441

#2 0x0025bfd0 in v6_islocalhost (addr=0x80a89e8) at /tmp/openvas-trunk/openvas-libraries/misc/pcap.c:522

#3 0x080804a5 in nasl_this_host (lexic=0x80b3060) at /tmp/openvas-trunk/openvas-libraries/nasl/nasl_host.c:225

#4 0x080571be in nasl_func_call (lexic=0x80aefb0, f=0x80b02a8, arg_list=0x0) at /tmp/openvas-trunk/openvas-libraries/nasl/nasl_func.c:282

#5 0x08054c60 in nasl_exec (lexic=0x80aefb0, st=0x80aaa38) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:1122

#6 0x08052c5e in cell2atom (lexic=0x80aefb0, c1=0x80aaa38) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:309

#7 0x08056fc4 in nasl_func_call (lexic=0x80aefb0, f=0x80b0be8, arg_list=0x80aa778) at /tmp/openvas-trunk/openvas-libraries/nasl/nasl_func.c:228

#8 0x08054c60 in nasl_exec (lexic=0x80aefb0, st=0x80aaa88) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:1122

#9 0x08054dc2 in nasl_exec (lexic=0x80aefb0, st=0x80aaab0) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:1184

#10 0x0805478d in nasl_exec (lexic=0x80aefb0, st=0x80aee98) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:929

#11 0x080547de in nasl_exec (lexic=0x80aefb0, st=0x80aeec0) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:937

#12 0x080547de in nasl_exec (lexic=0x80aefb0, st=0x80aeee8) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:937

#13 0x080547de in nasl_exec (lexic=0x80aefb0, st=0x80aef10) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:937

#14 0x080547de in nasl_exec (lexic=0x80aefb0, st=0x80aef38) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:937

#15 0x080547de in nasl_exec (lexic=0x80aefb0, st=0x80aef60) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:937

#16 0x080547de in nasl_exec (lexic=0x80aefb0, st=0x80aef88) at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:937

#17 0x0805664c in exec_nasl_script (script_infos=0x809a0b8, name=0x809ab20 "portscan-tcp-syn-simple.nasl", mode=24)

at /tmp/openvas-trunk/openvas-libraries/nasl/exec.c:1904

#18 0x08052799 in main (argc=1, argv=0xbffff724) at /tmp/openvas-trunk/openvas-libraries/nasl/nasl.c:246

(gdb)

Followup

No Followups Have Been Posted

Attached Files:

Changes:

No Changes Have Been Made to This Item
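
The faulting line in frame #0 reads sa_family through ifa->ifa_addr with no check, and getifaddrs(3) documents that ifa_addr may be a null pointer. The following is an added example, not OpenVAS code and not part of the original report: it assumes a NULL ifa_addr is what the crash hit, the function names are hypothetical, and the two-entry interface list is constructed.

```c
#include <ifaddrs.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>

/* Count AF_INET/AF_INET6 entries. Entries whose ifa_addr is NULL are
 * tallied in *skipped and never dereferenced. */
int count_addressed(const struct ifaddrs *list, int *skipped)
{
    int n = 0;
    *skipped = 0;
    for (const struct ifaddrs *ifa = list; ifa != NULL; ifa = ifa->ifa_next) {
        if (ifa->ifa_addr == NULL) {   /* guard assumed missing at pcap.c:685 */
            (*skipped)++;
            continue;
        }
        int family = ifa->ifa_addr->sa_family;
        if (family == AF_INET || family == AF_INET6)
            n++;
    }
    return n;
}

/* Constructed sample: "eth0" has an IPv4 address, "tun0" has none. */
int demo_constructed(int *skipped)
{
    static char eth_name[] = "eth0", tun_name[] = "tun0";
    static struct sockaddr_in sin;
    static struct ifaddrs eth0, tun0;
    sin.sin_family = AF_INET;
    eth0.ifa_name = eth_name; eth0.ifa_addr = (struct sockaddr *)&sin; eth0.ifa_next = &tun0;
    tun0.ifa_name = tun_name; tun0.ifa_addr = NULL; tun0.ifa_next = NULL;
    return count_addressed(&eth0, skipped);
}

/* Same walk over the live interface list; returns -1 if getifaddrs fails. */
int count_live(int *skipped)
{
    struct ifaddrs *list;
    *skipped = 0;
    if (getifaddrs(&list) != 0)
        return -1;
    int n = count_addressed(list, skipped);
    freeifaddrs(list);
    return n;
}

int main(void)
{
    int skipped, n = demo_constructed(&skipped);
    printf("constructed: %d addressed, %d skipped\n", n, skipped);
    n = count_live(&skipped);
    printf("live: %d addressed, %d skipped\n", n, skipped);
    return 0;
}
```

A non-zero "skipped" count on the live list identifies a host where the unguarded dereference would fault.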

