Vulnerability Description: Stack-based Buffer Overflow - CWE-121
Software Version: 1.2.1
NIST: https://nvd.nist.gov/vuln/detail/CVE-2024-52949
CVSS:
Severity:
Credits: Massimiliano Ferraresi, Massimiliano Brolli
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). Buffer overflows often can be used to execute arbitrary
Step-by-step instructions and PoC
During an assessment we fuzzed the -C argument with AFL++ using the following command:
sudo ./afl-fuzz -i /in -o /out -- ./iptraf-ng -C @@
The /in directory contains various types of configuration files that AFL++ can mutate and iterate over. After one day of fuzzing, we found four types of configuration file that crash iptraf-ng. The issue consistently occurs in a strcpy() call that does not check the size of its destination buffer, so it is possible to overflow memory on the stack.
The following evidence shows the vulnerable line of code:
Figure 1: /src/ifaces.c:70
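The following is an added illustration of the CWE-121 pattern described above, written for this page; it is not iptraf-ng's code, and the "iface=" field, the 16-byte buffer and the sample configuration lines are constructed. It shows the unsafe shape (strcpy() into a fixed-size local buffer) in a comment and, in runnable form, the hardened loader that checks the length before copying and rejects oversized values rather than truncating them.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable shape (constructed, shown for contrast, never executed here):
 *
 *     char ifname[16];
 *     strcpy(ifname, value_from_config);   // no length check: overruns the stack
 *
 * The hardened form below validates the length first, so a malformed
 * configuration file yields a parse error instead of a write past the buffer. */

#define IFNAME_MAX 16                 /* constructed: size of the local buffer */

enum cfg_status { CFG_OK = 0, CFG_TOO_LONG = 1, CFG_BAD_LINE = 2 };

/* Copy src into dst (capacity dst_size) only if it fits, terminator included. */
static enum cfg_status copy_iface_name(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (len >= dst_size)              /* the copy would need len + 1 bytes */
        return CFG_TOO_LONG;
    memcpy(dst, src, len + 1);
    return CFG_OK;
}

/* Parse one "iface=<name>" line into a caller-supplied buffer. */
enum cfg_status parse_iface_line(const char *line, char *out, size_t out_size)
{
    const char *prefix = "iface=";
    size_t plen = strlen(prefix);
    if (strncmp(line, prefix, plen) != 0)
        return CFG_BAD_LINE;
    return copy_iface_name(out, out_size, line + plen);
}

/* Convenience wrapper: parse into a stack buffer of IFNAME_MAX bytes,
 * the same situation in which the unchecked strcpy() would overflow. */
enum cfg_status check_iface_line(const char *line)
{
    char ifname[IFNAME_MAX];
    return parse_iface_line(line, ifname, sizeof ifname);
}

/* Count how many lines of a configuration the hardened loader rejects. */
int count_rejected(const char *const *lines, int n)
{
    int rejected = 0;
    for (int i = 0; i < n; i++)
        if (check_iface_line(lines[i]) != CFG_OK)
            rejected++;
    return rejected;
}

int main(void)
{
    /* constructed sample configuration: one sane line, one oversized value, one junk line */
    const char *sample[] = {
        "iface=eth0",
        "iface=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
        "bogus line",
    };
    int n = (int)(sizeof sample / sizeof sample[0]);
    printf("rejected %d of %d lines\n", count_rejected(sample, n), n);
    return 0;
}
```

The design choice worth noting is rejection instead of silent truncation: a loader that truncates an over-long value hides the malformed input, whereas a length check that fails the parse makes the bad configuration file visible at load time and keeps the crash (and the control over the saved return address) out of reach.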
This is the overwritten EIP:
Figure 2: overwritten EIP
Below is an exploit by means of which it is possible to execute arbitrary code, together with the payload it generates:
Figure 3: Exploit to execute arbitrary code
Figure 4: Payload
Inject the payload into the -i argument:
Figure 5: Payload injection
Execute the shell:
Figure 6: Shell execution
Security Impact
An attacker can use a malicious configuration file to execute arbitrary code in the victim's program with root privileges.