CVE-2024-28515

Description

Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component.

Additional Information

CNVD has completed verification of this vulnerability, but it has not been publicly disclosed because the vulnerability has not been fixed.

Vulnerability Type

Buffer Overflow

Vendor of Product

CSAPP_Lab (Lab of CS:APP3e)

Affected Product Code Base

CSAPP Lab3 - 15-213, Fall 20xx (There's only one version.)

Affected Component

lab3 of csapp,lab3/buflab-update.pl

Attack Vectors

If the server deploys lab3 of csapp_lab, an attacker can access a specific URL to execute arbitrary code.

Discoverer

Yuchao He, Yijie Xun, Jiajia Liu, Yuwei Yang, Bomin Mao, Hongzhi Guo (all discoverers from Northwestern Polytechnical University)

Reference

For the POC, refer to another file in the same folder.

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
README.md		README.md
csapp_RCE.md		csapp_RCE.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2024-28515

Description

Additional Information

Vulnerability Type

Vendor of Product

Affected Product Code Base

Affected Component

Attack Vectors

Discoverer

Reference

About

Releases

Packages

heshi906/CVE-2024-28515

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-28515

Description

Additional Information

Vulnerability Type

Vendor of Product

Affected Product Code Base

Affected Component

Attack Vectors

Discoverer

Reference

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages