CVE-2018-16890 PoC — Haxx libcurl 缓冲区错误漏洞

Source

https://github.com/zjw88282740/CVE-2018-16890

Associated Vulnerability

Title:Haxx libcurl 缓冲区错误漏洞 (CVE-2018-16890)
Description:Haxx libcurl是瑞典Haxx公司的一筐开源的客户端URL传输库。该产品支持FTP、SFTP、TFTP和HTTP等协议。 Haxx libcurl 7.36.0版本至7.64.0版本中的‘lib / vauth / ntlm.c：ntlm_decode_type2_target’函数存在越界读取漏洞，该漏洞源于用于处理传入的NTLM Type-2消息的函数没有正确验证传入的数据。远程攻击者可利用该漏洞获取敏感信息或造成拒绝服务。

Description

CVE-2018-16890

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!