buffer size confusion in vastrock-huang/minivpn
Jun 5th 2022
an attempt to write 2000 into a buffer of 10 bytes, while
SSL_read does not add a zero at the end.
Proof of Concept
char buf; SSL_read(ssl,buf,BUFF_SIZE); int virtualIP = atoi(buf);...
by changing the network data, you can access remote code execution. gives out that the application is building vpn, the information is also very sensitive.
We are processing your report and will contact the vastrock-huang/minivpn team within 24 hours. a year ago
We have contacted a member of the vastrock-huang/minivpn team and are waiting to hear back a year ago
vastrock-huang gave praise a year ago
Great work @ihsinme 👌, I have fixed this according to your patch.
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
We have sent a follow up to the vastrock-huang/minivpn team. We will try again in 7 days. a year ago
vastrock-huang validated this vulnerability a year ago
ihsinme has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
vastrock-huang marked this as fixed in 0 with commit 9acc42 a year ago
This vulnerability will not receive a CVE
to join this conversation