CVE-2014-0075 PoC — Apache Tomcat 数字错误漏洞

Source

https://github.com/LiviuPtr/CVE-2014-0075_PoC

Associated Vulnerability

Title:Apache Tomcat 数字错误漏洞 (CVE-2014-0075)
Description:Apache Tomcat是美国阿帕奇（Apache）软件基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page（JSP）的支持。 Apache Tomcat中的java/org/apache/coyote/http11/filters/ChunkedInputFilter.java文件中的‘parseChunkHeader’函数存在整数溢出漏洞。远程攻击者可借助畸形的块数据利用该漏洞造成拒绝服务（资源消耗）。以下版本受到影响：Apache Tomcat 6.0.

Description

This is a simple PoC written n python that demonstrates the DoS through integer overflow.

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!