关联漏洞
标题:libsoup 代码问题漏洞 (CVE-2025-4476)Description:libsoup是GNOME项目的一款GNOME的HTTP客户端/服务器库。 libsoup存在代码问题漏洞,该漏洞源于处理特定构造的WWW-Authenticate标头可能导致客户端应用程序崩溃,可能导致拒绝服务攻击。
介绍
# CVE-2025-4476-Exploit
A small Python test client to send HTTP GET requests with an oversized Authorization: Basic header.
This tool is intended for lab testing and research into header-parsing issues (e.g., null-dereference / crash bugs such as CVE-2025-4476 in libsoup). It demonstrates how a client-server exchange with malformed headers can trigger parsing errors; it is not an exploit framework.
Usage: run against a local or authorized test target only.
Important: use responsibly — do not scan or attack systems without explicit permission.
文件快照
[4.0K] /data/pocs/b015a0342013a559ca051cdb6d4156ed6499b0b0
├── [ 553] README.md
└── [5.3K] send_auth_request.py
1 directory, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。