Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-3456 PoC — QEMU Floppy Disk Controller 缓冲区错误漏洞

Source
https://github.com/orf53975/poisonfrog
Associated Vulnerability
Title:QEMU Floppy Disk Controller 缓冲区错误漏洞 (CVE-2015-3456)
Description:QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 Xen 4.5.x及之前版本和KVM中使用的QEMU 2.3.0及之前版本中的Floppy Disk Controller(FDC)存在安全漏洞。本地虚拟机端攻击者可借助特定的命令(FD_CMD_READ_ID或FD_CMD_DRIVE_SPECIFICATION_COMMAND等)利用该漏洞造成拒绝服务(越边界写入和虚拟机崩溃),或执行任意
Description
A VENOM (CVE-2015-3456) Exploit / PoC written in C.
File Snapshot

 [4.0K]  /data/pocs/cb789b2673e03379efc44d93f23dd5686ce2a9e2
└── [ 588]  poisonfrog.c

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.