CVE-2002-0082 PoC — Apache-SSL和mod_ssl 安全漏洞

Source

https://github.com/ratiros01/CVE-2002-0082

Associated Vulnerability

Title:Apache-SSL和mod_ssl 安全漏洞 (CVE-2002-0082)
Description:Apache-SSL是美国Apache软件基金会的一个Apache服务器上的SSL实现，用来为Apache Web服务器提供加密支持。它利用OpenSSL来完成SSL实现。mod_ssl是mod_ssl项目的一个Apache服务器上的SSL实现，用来为Apache Web服务器提供加密支持。它利用OpenSSL来完成SSL实现。 mod_ssl 2.8.7-1.3.23之前版本和Apache-SSL 1.3.22+1.46之前版本中的dbm和shm会话缓存代码存在安全漏洞。攻击者可利用该漏洞执行任意代码。

Description

CVE-2002-0082

Readme

Fix https://www.exploit-db.com/exploits/764 : Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (1)
Credit : https://blog.hypn.za.net/2017/08/27/compiling-exploit-764-c-in-2017/

Dont forget to:
apt-get install libssl-dev

Compile:
gcc -o 764 764.c -lcrypto

File Snapshot


 [4.0K]  /data/pocs/4e53c44abb8514eb66f63a2ed32340cb7e2ad9de
├── [ 32K]  764.c
└── [ 279]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!