支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2024-2961 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
跨界内存写
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
GNU C Library 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
GNU C Library(glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library 2.39 及之前版本存在安全漏洞,该漏洞源于 iconv() 函数可能会缓冲区溢出,导致应用程序崩溃或覆盖相邻变量。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
The GNU C Libraryglibc 2.1.93 ~ 2.40 -
二、漏洞 CVE-2024-2961 的公开POC
#POC 描述源链接神龙链接
1Quick mitigation script https://github.com/mattaperkins/FIX-CVE-2024-2961POC详情
2CVE-2024–2961 Security Issue Mitigation Scripthttps://github.com/rvizx/CVE-2024-2961POC详情
3Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()https://github.com/ambionics/cnext-exploitsPOC详情
4Bash script to patch for CVE-2024-2961https://github.com/absolutedesignltd/iconvfixPOC详情
5This repository contains a C program to test for CVE-2024-2961, a buffer overflow vulnerability in the iconv() function of glibc.https://github.com/exfil0/test_iconvPOC详情
6Nonehttps://github.com/tnishiox/cve-2024-2961POC详情
7Nonehttps://github.com/kjdfklha/CVE-2024-2961_pocPOC详情
8This script demonstrates a proof-of-concept (PoC) for exploiting a file read vulnerability in the iconv library, as detailed in Ambionics Security's blog https://www.ambionics.io/blog/iconv-cve-2024-2961-p1.https://github.com/kyotozx/CVE-2024-2961-Remote-File-ReadPOC详情
9Uses CVE-2024-2961 to perform an arbitrary file readhttps://github.com/4wayhandshake/CVE-2024-2961POC详情
10CVE-2024-2961 Cnext RCE Exploit with Buddyforms 2.7.7https://github.com/suce0155/CVE-2024-2961_buddyforms_2.7.7POC详情
11To use, implement the Remote class, which tells the exploit how to send the payload.https://github.com/regantemudo/PHP-file-read-to-RCE-CVE-2024-2961-POC详情
12PHP Local File Read vulnerability leading to Remote Code Execution https://github.com/projectdiscovery/nuclei-templates/blob/main/dast/cves/2024/CVE-2024-2961.yamlPOC详情
13Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/%E5%BC%80%E5%8F%91%E8%AF%AD%E8%A8%80%E6%BC%8F%E6%B4%9E/PHP%20%E5%88%A9%E7%94%A8%20GNU%20C%20Iconv%20%E5%B0%86%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%8F%90%E5%8D%87%E8%87%B3%20RCE%20CVE-2024-2961.mdPOC详情
14https://github.com/vulhub/vulhub/blob/master/php/CVE-2024-2961/README.mdPOC详情
15Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()https://github.com/scriptSails/glibcsPOC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2024-2961 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: glibc
Same vendor: The GNU C Library
Same weakness: CWE-787
V. Comments for CVE-2024-2961

暂无评论

发表评论