Skip to content
Branch: master
Find file History
Pull request Compare This branch is 1 commit ahead, 3 commits behind mudongliang:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.md
exploit.py

README.md

CVE-2008-4864

Experiment Environment

Ubuntu 10.04 LTS

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2008-4864/Python-2.5.1.tar.bz2
tar -xvf Python-2.5.1.tar.bz2
cd Python-2.5.1
./configure
make

Problems in Installation & Configuration

How to trigger vulnerability

./python exploit.py

PoCs

Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow

Python 'Imageop' Module Argument Validation Buffer Overflow Vulnerability

Python VM breakout bugs

Vulnerability Patch

Root Cause

Stack Trace

Patch

References

You can’t perform that action at this time.