CVE-2021-40346 integer overflow enables http smuggling

Last update: Nov 15, 2022

Overview

CVE-2021-40346-POC

CVE-2021-40346 integer overflow enables http smuggling

Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/

整数溢出导致的http请求走私

Build

git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC 
docker-compose build 
docker-compose up -d

Exploit

CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22

49 Nov 9, 2022

Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp

cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session

135 Dec 14, 2022

CVE-2022-22965 - CVE-2010-1622 redux

CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la

20 Aug 25, 2022

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he

71 Dec 22, 2022

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP

365 Nov 30, 2022

🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)

Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot

259 Dec 31, 2022

Comments

gentry error

Getting the following:

Error: class uri 'gevent' invalid or not found:

[Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/gunicorn/workers/ggevent.py", line 13, in <module>
import gevent
ModuleNotFoundError: No module named 'gevent'

During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/gunicorn/util.py", line 99, in load_class
mod = importlib.import_module('.'.join(components))
File "/usr/local/lib/python3.8/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1014, in _gcd_import
File "<frozen importlib._bootstrap>", line 991, in _find_and_load
File "<frozen importlib._bootstrap>", line 975, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 671, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 843, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/usr/local/lib/python3.8/site-packages/gunicorn/workers/ggevent.py", line 15, in <module>
raise RuntimeError("gevent worker requires gevent 1.4 or higher")
RuntimeError: gevent worker requires gevent 1.4 or higher
]

Changed Dockerfile to:

FROM python:3.8
RUN apt update
RUN pip3 install flask
RUN pip3 install gevent
RUN pip3 install gunicorn
RUN pip3 install gunicorn
COPY ./main.py /home/main.py
WORKDIR /home
CMD gunicorn --keep-alive 10 -k gevent --bind 0.0.0.0:5000 -w 20 main:app

Works now

opened by youngd24 0

CVE-2021-40346 integer overflow enables http smuggling

Related tags

Overview

CVE-2021-40346-POC

Build

Exploit

You might also like...

CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp

CVE-2022-22965 - CVE-2010-1622 redux

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)

Windows Stack Based Auto Buffer Overflow Exploiter

Cisco RV110w UPnP stack overflow

Buffer Overflow para SLmail5.5 32 bits

Comments

gentry error

Owner

donky16

DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket.

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Exploiting CVE-2021-42278 and CVE-2021-42287

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907