The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Remember, a month ago there was a lot of fuss about a hole found in glibc.
At the time, many hosting providers were on edge. But since nothing leaked to the wider public, everyone calmed down.
The researchers, however, did not calm down; the smell of a promising exploit was too tempting.
And now iconv crawls onto the stage with its RCE.
Today an excellent write-up appeared (the first part of three), which reveals only part of the potential of hole 2961.
Read: Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine
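Until the glibc update is installed, a common mitigation is to comment out the ISO-2022-CN-EXT entries in the gconv-modules(-extra).conf file and rerun `iconvconfig` so the converter can no longer be loaded. The Python below is an added example, not code from the write-up or from glibc: it audits and patches such a file and, optionally, asks the installed glibc via `iconv -l` whether the converter is still available. The sample configuration excerpt is constructed, and `system_lists_cn_ext` assumes the `iconv` binary is on PATH.

```python
import subprocess
from typing import List, Tuple

VULN_CHARSET = "ISO-2022-CN-EXT"

# Constructed excerpt in the gconv-modules format glibc uses
# (alias NAME TARGET / module FROM TO MODULE COST); not a real file.
SAMPLE_CONF = """\
#   from                to                  module          cost
alias   ISO2022CNEXT//      ISO-2022-CN-EXT//
alias   CSISO2022CNEXT//    ISO-2022-CN-EXT//
module  ISO-2022-CN-EXT//   INTERNAL            ISO-2022-CN-EXT 1
module  INTERNAL            ISO-2022-CN-EXT//   ISO-2022-CN-EXT 1
module  EUC-JP//            INTERNAL            EUC-JP          1
module  INTERNAL            EUC-JP//            EUC-JP          1
"""


def active_entries(conf_text: str) -> List[Tuple[str, ...]]:
    """Whitespace-split fields of every line that is neither empty nor a comment."""
    entries = []
    for line in conf_text.splitlines():
        stripped = line.strip()
        if stripped and not stripped.startswith("#"):
            entries.append(tuple(stripped.split()))
    return entries


def cn_ext_enabled(conf_text: str) -> bool:
    """True if any active alias/module line still wires up ISO-2022-CN-EXT.

    The overflow is in the INTERNAL -> ISO-2022-CN-EXT direction, but dropping
    every reference (aliases included) keeps the module from being loaded at all.
    """
    return any(VULN_CHARSET in f.upper() for fields in active_entries(conf_text) for f in fields)


def disable_cn_ext(conf_text: str) -> str:
    """Comment out each line referencing ISO-2022-CN-EXT; all other lines are kept verbatim.

    Write the result back to the config file, then run `iconvconfig` to rebuild
    the gconv cache; without that step glibc keeps serving the old module list.
    """
    out = []
    for line in conf_text.splitlines(keepends=True):
        if not line.lstrip().startswith("#") and VULN_CHARSET in line.upper():
            out.append("# disabled (iconv ISO-2022-CN-EXT overflow): " + line)
        else:
            out.append(line)
    return "".join(out)


def system_lists_cn_ext() -> bool:
    """Live check: does the installed glibc still advertise the converter in `iconv -l`?

    Prefer this over comparing version strings, since distributions backport the fix.
    """
    res = subprocess.run(["iconv", "-l"], capture_output=True, text=True, check=False)
    return VULN_CHARSET in res.stdout.upper()
```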
What do you think?
It would be nice to hear your opinion. Leave a comment.