CVE-2004-1257

Experiment Environment

CentOS 6.5

INSTALL & Configuration

mkdir -p abc2mtex
cd abc2mtex
wget https://github.com/mudongliang/source-packages/raw/master/CVE-2004-1257/abc2mtex1.6.1.tar.gz
tar -xvf abc2mtex1.6.1.tar.gz
make

Problems in Installation & Configuration

How to trigger vulnerability

./abc2mtex 79.abc

PoCs

abc2mtex Buffer Overflow in process_abc() Lets Remote Users Execute Arbitrary Code

ABC2MTEX 1.6.1 - Process ABC Key Field Buffer Overflow

NOTE: To get the correct PoC file content from the web page, you need qprint to decode the content shown on the page.

Vulnerability Details & Patch

Root Cause

In abc.c, process_abc() uses strcat() to copy data from entry->KEY into a 99-byte key[] array; entry->KEY is read by getsIn(), which allows up to 999 bytes of data.
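
One way to bound the append described above, as an added example that is not abc2mtex's own code or its actual patch. The names key_append, struct abc_entry and try_key_of_length are hypothetical and the test entry is constructed; only the sizes 99 and 999 come from the text.

```c
#include <stddef.h>
#include <string.h>

#define KEY_BUF_SIZE  99   /* size of key[] per the Root Cause above */
#define KEY_FIELD_MAX 999  /* bytes getsIn() may place in entry->KEY */

/* Hypothetical stand-in for the abc2mtex record; only KEY matters here. */
struct abc_entry { char KEY[KEY_FIELD_MAX + 1]; };

/* Bounded replacement for strcat(dst, src): returns 0 on success, or -1
 * (leaving dst unchanged) when src plus the terminator would not fit. */
int key_append(char *dst, size_t dst_size, const char *src)
{
    const char *end = memchr(dst, '\0', dst_size);
    size_t used, need;

    if (end == NULL)               /* dst is not NUL-terminated: refuse */
        return -1;
    used = (size_t)(end - dst);
    need = strlen(src);
    if (need >= dst_size - used)   /* no room for src and its terminator */
        return -1;
    memcpy(dst + used, src, need + 1);
    return 0;
}

/* Builds a constructed entry whose KEY is n bytes of 'A' and feeds it to
 * key_append() with an empty key[]; returns key_append()'s result. */
int try_key_of_length(size_t n)
{
    struct abc_entry entry;
    char key[KEY_BUF_SIZE] = "";

    if (n > KEY_FIELD_MAX)
        n = KEY_FIELD_MAX;
    memset(entry.KEY, 'A', n);
    entry.KEY[n] = '\0';
    return key_append(key, sizeof key, entry.KEY);
}

int main(void)
{
    /* 98 bytes fit in key[99]; a 999-byte KEY is rejected, not written. */
    return (try_key_of_length(98) == 0 && try_key_of_length(999) == -1) ? 0 : 1;
}
```

A caller would treat a -1 return as a malformed key field and stop processing that entry rather than continue with a truncated key.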

Stack Trace

References

qprint man page