Skip to content

Latest commit

 

History

History
 
 

CVE-2005-4807

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
exploit.c
exploit.c
 
 
exploit.s
exploit.s
 
 
gas_poc.sh
gas_poc.sh
 
 

README.md

CVE-2005-4807

Experiment Environment

Ubuntu 14.04 LTS

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2005-4807/binutils-2.12.tar.gz

tar -xvf binutils-2.12.tar.gz
cd binutils-2.12

./configure
make

Problems in Installation & Configuration

/usr/bin/msgfmt: not found

Solution:

Run apt-get install gettext

/usr/bin/ld: cannot find -lfl

Solution:

Run apt-get install flex

How to trigger vulnerability

sh gas_poc.sh > exploit.c
gcc -S -o exploit.s exploit.c
./binutils-2.12/gas/as-new exploit.s

PoCs

GNU BinUtils 2.1x - GAS Buffer Overflow

securityfocus

Vulnerability Patch

Root Cause

gas/message.c:349

	vsprintf (buffer, format, args);

Stack Trace

#0  0x08058e31 in as_bad (format=Cannot access memory at address 0xbfffeacc
) at messages.c:344
#1  0x90909090 in ?? ()
#2  0x90909090 in ?? ()
#3  0x90909090 in ?? ()

References