Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-1000140 PoC — rsyslog librelp 缓冲区错误漏洞

Source
https://github.com/s0/rsyslog-librelp-CVE-2018-1000140-fixed
Associated Vulnerability
Title:rsyslog librelp 缓冲区错误漏洞 (CVE-2018-1000140)
Description:rsyslog librelp是一个RELP协议库,主要用于网络事件记录。 rsyslog librelp 1.2.14及之前版本中x509证书检测存在缓冲区溢出漏洞。远程攻击者可借助特制的x509证书利用该漏洞执行代码。
File Snapshot

 [4.0K]  /data/pocs/3d9b3936dc6bfe95d9f4bf48a1ba2de77f6b2419
├── [  54]  AUTHORS
├── [ 15K]  ChangeLog
├── [4.0K]  CI
│   └── [ 236]  check_codestyle.sh
├── [4.8K]  configure.ac
├── [ 35K]  COPYING
├── [4.0K]  doc
│   ├── [ 21K]  gfdl.html
│   ├── [  33]  Makefile.am
│   └── [ 19K]  relp.html
├── [4.0K]  example
│   ├── [2.0K]  receive.c
│   └── [1.9K]  send.c
├── [4.0K]  m4
│   └── [ 128]  dummy
├── [  79]  Makefile.am
├── [  63]  NEWS
├── [  12]  README
├── [ 232]  relp.pc.in
└── [4.0K]  src
    ├── [1.8K]  cclose.c
    ├── [2.5K]  cmdif.h
    ├── [6.2K]  copen.c
    ├── [1.9K]  cserverclose.c
    ├── [2.4K]  dbllinklist.h
    ├── [ 13K]  librelp.h
    ├── [ 849]  Makefile.am
    ├── [ 11K]  offers.c
    ├── [2.9K]  offers.h
    ├── [ 33K]  relp.c
    ├── [9.8K]  relpclt.c
    ├── [2.5K]  relpclt.h
    ├── [ 16K]  relpframe.c
    ├── [3.1K]  relpframe.h
    ├── [7.7K]  relp.h
    ├── [ 36K]  relpsess.c
    ├── [7.1K]  relpsess.h
    ├── [ 10K]  relpsrv.c
    ├── [2.7K]  relpsrv.h
    ├── [3.7K]  scrsp.c
    ├── [2.6K]  scsyslog.c
    ├── [6.8K]  sendbuf.c
    ├── [2.4K]  sendbuf.h
    ├── [6.8K]  sendq.c
    ├── [2.4K]  sendq.h
    ├── [ 56K]  tcp.c
    └── [6.8K]  tcp.h

5 directories, 42 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.