Mageia Bugzilla – Attachment 9425 Details for
Bug 20057
libtiff new security issues CVE-2016-1009[2-5], CVE-2017-5225, CVE-2017-5849 and more
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
List of poc test commands
poc_tests (text/plain), 2.18 KB, created by
Len Lawrence
on 2017-06-18 13:54:26 CEST
(
hide
)
Description:
List of poc test commands
Filename:
MIME Type:
Creator:
Len Lawrence
Created:
2017-06-18 13:54:26 CEST
Size:
2.18 KB
patch
obsolete
> ># CVE-2016-10092 >$ tiffcp -i 00068-libtiff-heapoverflow-_tiffWriteProc /tmp/foo >$ tiffcrop -i 00100-libtiff-heapoverflow-_TIFFFax3fillruns /tmp/foo >$ tiffcrop -i 00102-libtiff-heapoverflow-_TIFFmemcpy /tmp/foo ># CVE-2016-10093 >$ tiffcp -i 00082-libtiff-heap-overflow-cpStripToTile /tmp/foo ># CVE-2016-10094 >$ tiff2pdf 00112-libtiff-heapoverflow-_TIFFmemcpy -o foo ># CVE-2016-10095 >$ tiffsplit00104-libtiff-stackoverflow-_TIFFVGetField ># CVE-2017-5225 >$ tiffcp -p separate poc_2656.tiff output.tiff >$ tiffcp -p contig poc_2657.tiff output.tiff ># CVE-2016-10266 >$ tiffcp -i 00064-libtiff-fpe-TIFFReadEncodedStrip /tmp/foo ># CVE-2016-10267 >$ tiffmedian 00083-libtiff-fpe-OJPEGDecodeRaw /tmp/foo >$ tiffcrop 00099-libtiff-fpe-readSeparateStripsIntoBuffer /tmp/foo >$ tiffcp 00065-libtiff-fpe-readSeparateTilesIntoBuffer /tmp/foo >$ tiffcp -i 00073-libtiff-fpe-writeBufferToSeparateTiles /tmp/foo ># CVE-2016-10268 >$ tiffcp -i 00068-libtiff-heapoverflow-_tiffWriteProc /tmp/foo >$ tiffcp -i 00066-libtiff-heapoverflow-TIFFReverseBits /tmp/foo ># CVE-2016-10269 >$ tiffcp -i 00071-libtiff-heapoverflow-_TIFFmemcpy /tmp/foo ># CVE-2016-10270 >$ tiffcp -i 00074-libtiff-heapoverflow-TIFFFillStrip /tmp/foo ># CVE-2016-10271 >$ tiffcrop -i 00100-libtiff-heapoverflow-_TIFFFax3fillruns /tmp/foo >$ tiff2ps 00107-libtiff-heapoverflow-PSDataColorContig > foo.ps >$ gs foo.ps >$ tiff2ps 00108-libtiff-heapoverflow-PSDataBW > foo.ps >$ tiffcrop -i 00101-libtiff-heapoverflow-combineSeparateSamples16bits /tmp/foo >$ tiff2rgba 00109-libtiff-heapoverflow-putcontig8bitYCbCr44tile /tmp/foo ># CVE-2017-7595 >$ tiffcp -i 00123-libtiff-fpe-JPEGSetupEncode /tmp/out ># CVE-2017-7596 >$ tiffcp -i 00113-libtiff-outside-float /tmp/foo ># CVE-2017-7597 >$ tiffcp -i 00114-libtiff-outside-float-tif_dirread /tmp/foo ># CVE-2017-7598 >$ tiffcp -i 00115-libtiff-fpe-tif_dirread /tmp/foo ># CVE-2017-7599 >$ tiffcp -i 00117-libtiff-outside-short-tif_dirwrite /tmp/foo ># CVE-2017-7600 >$ tiffcp -i 00118-libtiff-outside-unsigned-char-tif_dirwrite /tmp/foo ># CVE-2017-7601 >$ tiffcp -i 00119-libtiff-shift-long-tif_jpeg /tmp/foo ># CVE-2017-7602 >$ tiffcp -i 00121-libtiff-signintoverflow-tif_read /tmp/foo ># CVE-2016-3658 >$ cp 19_tiffset.tiff 19_tiffset.tiff.bak >$ tiffset 19_tiffset.tiff >
# CVE-2016-10092 $ tiffcp -i 00068-libtiff-heapoverflow-_tiffWriteProc /tmp/foo $ tiffcrop -i 00100-libtiff-heapoverflow-_TIFFFax3fillruns /tmp/foo $ tiffcrop -i 00102-libtiff-heapoverflow-_TIFFmemcpy /tmp/foo # CVE-2016-10093 $ tiffcp -i 00082-libtiff-heap-overflow-cpStripToTile /tmp/foo # CVE-2016-10094 $ tiff2pdf 00112-libtiff-heapoverflow-_TIFFmemcpy -o foo # CVE-2016-10095 $ tiffsplit00104-libtiff-stackoverflow-_TIFFVGetField # CVE-2017-5225 $ tiffcp -p separate poc_2656.tiff output.tiff $ tiffcp -p contig poc_2657.tiff output.tiff # CVE-2016-10266 $ tiffcp -i 00064-libtiff-fpe-TIFFReadEncodedStrip /tmp/foo # CVE-2016-10267 $ tiffmedian 00083-libtiff-fpe-OJPEGDecodeRaw /tmp/foo $ tiffcrop 00099-libtiff-fpe-readSeparateStripsIntoBuffer /tmp/foo $ tiffcp 00065-libtiff-fpe-readSeparateTilesIntoBuffer /tmp/foo $ tiffcp -i 00073-libtiff-fpe-writeBufferToSeparateTiles /tmp/foo # CVE-2016-10268 $ tiffcp -i 00068-libtiff-heapoverflow-_tiffWriteProc /tmp/foo $ tiffcp -i 00066-libtiff-heapoverflow-TIFFReverseBits /tmp/foo # CVE-2016-10269 $ tiffcp -i 00071-libtiff-heapoverflow-_TIFFmemcpy /tmp/foo # CVE-2016-10270 $ tiffcp -i 00074-libtiff-heapoverflow-TIFFFillStrip /tmp/foo # CVE-2016-10271 $ tiffcrop -i 00100-libtiff-heapoverflow-_TIFFFax3fillruns /tmp/foo $ tiff2ps 00107-libtiff-heapoverflow-PSDataColorContig > foo.ps $ gs foo.ps $ tiff2ps 00108-libtiff-heapoverflow-PSDataBW > foo.ps $ tiffcrop -i 00101-libtiff-heapoverflow-combineSeparateSamples16bits /tmp/foo $ tiff2rgba 00109-libtiff-heapoverflow-putcontig8bitYCbCr44tile /tmp/foo # CVE-2017-7595 $ tiffcp -i 00123-libtiff-fpe-JPEGSetupEncode /tmp/out # CVE-2017-7596 $ tiffcp -i 00113-libtiff-outside-float /tmp/foo # CVE-2017-7597 $ tiffcp -i 00114-libtiff-outside-float-tif_dirread /tmp/foo # CVE-2017-7598 $ tiffcp -i 00115-libtiff-fpe-tif_dirread /tmp/foo # CVE-2017-7599 $ tiffcp -i 00117-libtiff-outside-short-tif_dirwrite /tmp/foo # CVE-2017-7600 $ tiffcp -i 00118-libtiff-outside-unsigned-char-tif_dirwrite /tmp/foo # CVE-2017-7601 $ tiffcp -i 00119-libtiff-shift-long-tif_jpeg /tmp/foo # CVE-2017-7602 $ tiffcp -i 00121-libtiff-signintoverflow-tif_read /tmp/foo # CVE-2016-3658 $ cp 19_tiffset.tiff 19_tiffset.tiff.bak $ tiffset 19_tiffset.tiff
View Attachment As Raw
Actions:
View
Attachments on
bug 20057
:
9422
|
9423
|
9424
| 9425 |
9427
|
9429