CVE-2017-9430

CRITICAL

dnstracer < 1.9 - Stack-based Buffer Overflow via Long Command Line Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2017-9430. PoCs published by FarazPajohan, j0lama, homjxi0e.

AI-analyzed exploit summary This exploit demonstrates a stack-based buffer overflow in DNSTracer 1.8.1 via a long command-line argument, leading to a denial of service (DoS). The PoC uses a Python one-liner to generate a 1025-character string, triggering the overflow in a strcpy call for argv[0].

Description

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.

Exploits (4)

exploitdb WORKING POC VERIFIED
by FarazPajohan · textdoslinux
https://www.exploit-db.com/exploits/42115

This exploit demonstrates a stack-based buffer overflow in DNSTracer 1.8.1 via a long command-line argument, leading to a denial of service (DoS). The PoC uses a Python one-liner to generate a 1025-character string, triggering the overflow in a strcpy call for argv[0].

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: DNSTracer 1.8.1
No auth needed
Prerequisites: DNSTracer 1.8.1 installed on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by j0lama · pythonlocallinux
https://www.exploit-db.com/exploits/42424

This exploit demonstrates a stack-based buffer overflow in DNSTracer 1.9, leveraging a crafted input to overwrite the EIP and execute shellcode for arbitrary command execution. The PoC includes NOP sleds, shellcode, and a hardcoded return address to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: DNSTracer 1.9
No auth needed
Prerequisites: DNSTracer 1.9 compiled without stack protections · Local execution environment
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by j0lama · poc
https://github.com/j0lama/Dnstracer-1.9-Fix

This repository contains a proof-of-concept for CVE-2017-9430, a stack-based buffer overflow in dnstracer through 1.9. The vulnerability is triggered by a long command-line argument that is mishandled in a strcpy call for argv[0]. The fix involves checking the length of argv[0] before copying it.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: dnstracer through 1.9
No auth needed
Prerequisites: Access to execute dnstracer with a long command-line argument
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by homjxi0e · poc
https://github.com/homjxi0e/CVE-2017-9430

This repository contains a proof-of-concept for CVE-2017-9430, a stack-based buffer overflow in dnstracer through 1.9. The exploit leverages a long command-line argument to trigger a crash or potential arbitrary code execution via a mishandled strcpy call for argv[0].

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: dnstracer through 1.9
No auth needed
Prerequisites: dnstracer installed on the target system · ability to execute commands on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42115/
Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2017060030
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42424/

Scores

CVSS v3 9.8
EPSS 0.1132
EPSS Percentile 95.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
dnstracer_project/dnstracer < 1.9
Published Jun 05, 2017
Tracked Since Feb 18, 2026