mirror of
https://github.com/0xMarcio/cve.git
synced 2026-04-21 09:56:14 +02:00
0xMarcio
1.5 KiB
1.5 KiB
CVE-2017-16231
Description
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used
POC
Reference
- http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2018/Dec/33
- http://www.openwall.com/lists/oss-security/2017/11/01/11
- http://www.openwall.com/lists/oss-security/2017/11/01/3
- http://www.openwall.com/lists/oss-security/2017/11/01/7
- http://www.openwall.com/lists/oss-security/2017/11/01/8
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/PajakAlexandre/wik-dps-tp02
- https://github.com/cdupuis/image-api
- https://github.com/flyrev/security-scan-ci-presentation
- https://github.com/fokypoky/places-list
- https://github.com/followboy1999/cve
- https://github.com/garethr/snykout
- https://github.com/mmbazm/secure_license_server