CVE-2012-5667 – Grep < 2.11 - Integer Overflow Crash (PoC)
https://notcve.org/view.php?id=CVE-2012-5667
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.

Multiple integer overflows in GNU Grep before v2.11 could allow local or remote attackers to execute arbitrary code via vectors related to a long input line that triggers a heap-based buffer overflow.

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privileges of the user running grep.

Grep versions prior to 2.11 suffer from an integer overflow vulnerability.

• https://www.exploit-db.com/exploits/23779
• http://git.savannah.gnu.org/cgit/grep.git/commit/?id=8fcf61523644df42e1905c81bed26838e0b04f91
• http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189
• http://git.sv.gnu.org/gitweb/?p=grep.git%3Ba=shortlog%3Bh=v2.11
• http://lists.gnu.org/archive/html/bug-grep/2012-12/msg00004.html
• http://openwall.com/lists/oss-security/2012/12/22/6
• http://rhn.redhat.com/errata/RHSA-2015-1447.html
• http://www.security

• CWE-122: Heap-based Buffer Overflow
• CWE-189: Numeric Errors