关联漏洞
标题:Microsoft Hyper-V 代码注入漏洞 (CVE-2021-28476)Description:Microsoft Hyper-V是美国微软(Microsoft)公司的一个应用程序。一种系统管理程序虚拟化技术,能够实现桌面虚拟化。 Microsoft Hyper-V存在代码注入漏洞。以下产品和版本受到影响:Windows 10 Version 1803 for x64-based Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core inst
介绍
# CVE-2021-28476: Microsoft Hyper-V: Multiple Vulnerabilities in vmswitch
Multiple bugs are present in WPP code when handling set OID requests, one of them allowing to dereference (read access) an attacker controlled pointer, and the rest causing out of bounds read accesses. This repository contains the proof-of-concept code to trigger the identified issues.
A full technical description of the issues can be found at https://labs.bluefrostsecurity.de/advisories/bfs-sa-2021-001/
文件快照
[4.0K] /data/pocs/ff9afc96080057efd404d8547d4049e359d4804d
├── [4.1K] poc.patch
└── [ 483] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。