oss-sec mailing list archives
[CVE-2017-14266] tcprewrite Heap-Based Buffer Overflow
From: Luciano Bello <luciano () debian org>
Date: Mon, 18 Sep 2017 13:18:46 -0400
Hi there, I'm trying to reproduce this, to check the affected versions https://www.exploit-db.com/exploits/42652/ I tried in Debian Sid (4.2.6-1) and Debian Stretch (3.4.4-3) and I was not able to reproduce the issue. Specially for the later, the fact that tcprewrite exists normally is puzzling. Hosein (the PoC author) claims to make it work in 3.4.4 (on Ubuntu 16.04). Can else somebody confirm this issue? Thanks, luciano
Current thread:
- [CVE-2017-14266] tcprewrite Heap-Based Buffer Overflow Luciano Bello (Sep 18)
- Message not available
- Re: [CVE-2017-14266] tcprewrite Heap-Based Buffer Overflow Luciano Bello (Sep 19)
- Message not available
- <Possible follow-ups>
- Re: [CVE-2017-14266] tcprewrite Heap-Based Buffer Overflow Salvatore Bonaccorso (Sep 22)