CVE-2016-2338 PoC — Ruby 缓冲区错误漏洞

Source

https://github.com/SpiralBL0CK/CVE-2016-2338-nday

Associated Vulnerability

Title:Ruby 缓冲区错误漏洞 (CVE-2016-2338)
Description:Ruby是松本行弘个人开发者的一种跨平台、面向对象的动态类型编程语言。 Ruby 2.3.0 dev版本和2.2.2版本的‘pack_pack’函数中存在安全漏洞。攻击者可借助特制的对象利用该漏洞执行任意代码。

Description

CVE-2016-2338 Use-after-free nday full exploit

Readme

# CVE-2016-2338-nday
CVE-2016-2338 nday full exploit

File Snapshot


 [4.0K]  /data/pocs/c2bb37e7fdedef0f30348f7a1b614dea64b97020
├── [1.7K]  exploit.rb
└── [  53]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!