CVE-2016-3962 PoC — 多款Meinberg产品基于栈的缓冲区溢出漏洞

Source

https://github.com/securifera/CVE-2016-3962-Exploit

Associated Vulnerability

Title:多款Meinberg产品基于栈的缓冲区溢出漏洞 (CVE-2016-3962)
Description:Meinberg IMS-LANTIME M3000等都是德国Meinberg公司的NTP时间服务器。多款Meinberg产品的NTP time-server接口中存在基于栈的缓冲区溢出漏洞。远程攻击者可借助POST请求中的参数利用该漏洞获取敏感信息，修改数据或造成拒绝服务。以下产品及版本受到影响：Meinberg IMS-LANTIME M3000、M1000、M500、LANTIME M900、M600、M400、M300、M200、M100、SyncFire 1100、LCES 6.0及之前版本。

Description

CVE-2016-3962-Exploit

Readme

CVE-2016-3962, CVE-2016-3989 POC Exploit
=====

This is a proof of concept exploit for version V5.30p of the web configuration interface for Meinberg NTP Time Server. This exploit also utilitizes
CVE-2016-3989 to escalate to the root user.

More details about the vulnerabilities can be found at:
https://www.securifera.com/advisories/cve-2016-3962-3988-3989/
https://ics-cert.us-cert.gov/advisories/ICSA-16-175-03

File Snapshot


 [4.0K]  /data/pocs/a8ad079846ab98b429925986a3099d6c5777ff20
├── [5.8K]  meinburg_poc.py
└── [ 414]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!