Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-7547 PoC — GNU C Library 缓冲区错误漏洞

Source
https://github.com/Stick-U235/CVE-2015-7547-Research
Associated Vulnerability
Title:GNU C Library 缓冲区错误漏洞 (CVE-2015-7547)
Description:Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
Description
CVE-2015-7547 initial research.
Readme
Initial work on glibc exploit (CVE-2015-7547). Currently just returns to libc and calls system to provide a shell. This version does not account for ASLR yet.
File Snapshot

 [4.0K]  /data/pocs/514772b96f256ab3dc17c393918d68212bf75925
├── [ 967]  client.c
├── [4.3K]  exploit.py
└── [ 159]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →