Skip to content

feat: add PoC for options OOB#11

Draft
nbolton wants to merge 1 commit into
mainfrom
poc/opt-oob
Draft

feat: add PoC for options OOB#11
nbolton wants to merge 1 commit into
mainfrom
poc/opt-oob

Conversation

@nbolton

@nbolton nbolton commented Jul 1, 2026

Copy link
Copy Markdown
Member

Master:

./cve_XXXX_XXXXX_options_oob.py
CVE-XXXX-XXXXX — dsop options odd-length out-of-bounds read
malicious server on 127.0.0.1:24800
start a deskflow client (tls disabled) pointed at this address

[*] waiting for client
client connected from 127.0.0.1:37964, helloback: 24 bytes
sent malformed dsop, vector length 1, option id heartbeat, no value
[FAIL] client dropped connection — VULNERABLE (CVE-XXXX-XXXXX)

deskflow/deskflow#9907

 ./cve_XXXX_XXXXX_options_oob.py
CVE-XXXX-XXXXX — dsop options odd-length out-of-bounds read
malicious server on 127.0.0.1:24800
start a deskflow client (tls disabled) pointed at this address

[*] waiting for client
client connected from 127.0.0.1:54780, helloback: 24 bytes
sent malformed dsop, vector length 1, option id heartbeat, no value
[PASS] client survived — odd-length options rejected, fix in place

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant