Buffer Overflow Vulnerability in Multiple Perl system() Function Call Implementations

Vulnerability ID: 1107957
Vulnerability type: Boundary condition error
Published: 2004-05-18
Updated: 2005-10-20
CVE ID: CVE-2004-2022
CNNVD-ID: CNNVD-200412-785
Platform: Windows
CVSS score: 2.1
|Vulnerability source
https://www.exploit-db.com/exploits/24128
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-785
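|Vulnerability details
Perl is a popular cross-platform programming language. ActiveState Perl and Perl for cygwin do not perform proper buffer bounds checking on data passed to the Perl system() function call, and a remote attacker can exploit this vulnerability to execute arbitrary instructions on the system with the privileges of the calling application process. Supplying overly long data as the system() argument causes a buffer overflow, and carefully crafted input may execute arbitrary instructions on the system with the privileges of the calling application process.
|Vulnerability exploit (EXP)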
source: http://www.securityfocus.com/bid/10375/info

ActiveState Perl and Perl for cygwin are both reported to be prone to a buffer overflow vulnerability. 

The issue is reported to exist due to a lack of sufficient bounds checking that is performed on data that is passed to a Perl system() function call. This vulnerability may permit an attacker to influence execution flow of a vulnerable Perl script to ultimately execute arbitrary code. Arbitrary code execution will occur in the context of the user who is running the malicious Perl script.

perl -e "$a="A" x 256; system($a)"
|References

Source: XF
Name: perl-system-bo (16169)
Link: http://xforce.iss.net/xforce/xfdb/16169
Source: BID
Name: 10375
Link: http://www.securityfocus.com/bid/10375
Source: www.perlmonks.org
Link: http://www.perlmonks.org/index.pl?node_id=354145
Source: www.oliverkarow.de
Link: http://www.oliverkarow.de/research/ActivePerlSystemBOF.txt
Source: FULLDISC
Name: 20040518 Re: Buffer Overflow in ActivePerl?
Link: http://marc.theaimsgroup.com/?l=full-disclosure&m=108489112131099&w=2
Source: FULLDISC
Name: 20040517 RE: Buffer Overflow in ActivePerl?
Link: http://marc.theaimsgroup.com/?l=full-disclosure&m=108483058514596&w=2
Source: FULLDISC
Name: 20040517 Buffer Overflow in ActivePerl?
Link: http://marc.theaimsgroup.com/?l=full-disclosure&m=108482796105922&w=2
Source: BUGTRAQ
Name: 20040518 RE: [Full-Disclosure] Re: Buffer Overflow in ActivePerl?
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=108489894009025&w=2
Source: FULLDISC
Name: 20040518 Re[2]: [Full-Disclosure] Buffer Overflow in ActivePerl?
Link: http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0905.html
Source: NSFOCUS
Name: 6463
Link: http://www.nsfocus.net/
