CVE-2009-0689 PoC — OpenBSD buffer overflow vulnerability

Source
Associated Vulnerability
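Title: OpenBSD buffer overflow vulnerability (CVE-2009-0689)
Description: OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD project. The dtoa implementation in OpenBSD, NetBSD and FreeBSD contains a buffer overflow vulnerability. In src/lib/libc/gdtoa/gdtoaimp.h:
---gdtoaimp.h---
...
#define Kmax 15
...
---gdtoaimp.h---
The maximum length of Kmax is 15. If a larger value (such as 17) is supplied, the program overflows the freelist array, and bss is 0x1. Taking NetBSD as an example: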
Description
An implementation of CVE-2009-0689 for the Nintendo Wii.
File Snapshot

[4.0K] /data/pocs/5546878ab850fbd806375e9e48f380c650e0fa1f
├── [2.1K] chain_builder.c
├── [1.2K] create.sh
├── [ 179] htaccess_handler
├── [  55] htaccess_redirect
├── [1.5K] index.html
├── [ 34K] LICENSE
├── [4.0K] loader
│   ├── [2.5K] console.c
│   ├── [ 687] crt0.s
│   ├── [1.1K] elf.c
│   ├── [ 723] exception_2200.s
│   ├── [1.3K] exception.c
│   ├── [ 943] font2c.pl
│   ├── [5.5K] font.png
│   ├── [ 68K] font.ppm
│   ├── [4.6K] ios.c
│   ├── [3.9K] loader.h
│   ├── [ 560] loader.lds
│   ├── [4.7K] main.c
│   ├── [1.5K] Makefile
│   ├── [ 973] string.c
│   ├── [ 871] sync.c
│   ├── [ 615] time.c
│   ├── [ 23K] tinfl.c
│   └── [3.4K] video.c
├── [ 322] loaderstub.lds
├── [ 837] loaderstub.s
├── [3.2K] multi_tool.c
├── [4.0K] payload
│   ├── [1004] convert_payload.c
│   ├── [ 378] make_it.sh
│   ├── [1.5K] pack_payload.c
│   └── [6.2K] zpipe.c
└── [9.5K] rd.png

2 directories, 32 files