Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2006-2656

Publish Date: 26 May 2006

Author: nitr0us

                							

                # tiffsplit (libtiff &lt;= 3.8.2) local stack buffer overflow PoC

tiffsplit from libtiff (http://www.remotesensing.org/libtiff/)
is vulnerable to a bss-based and stack-based overflow, but, I just
wrote the concept c0de for stack-based b0f 'cause I don't know how
to take advantage of the overwritten bss data (after the overflow,
that data is overwritten again correctly by a program' function).

.bss section is in higher addresses than .dtors section, so, we
can't hijack .dtors to....

PoC: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/1831.tar.gz (05262006-tiffspl33t.tar.gz)

nitr0us &lt;nitrousenador[at]gmail[dot]com&gt;

# milw0rm.com [2006-05-26]

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow

Vulmon Search

About

Products

Connect