OpenSSL ASN.1 deallocation exploit

This module exploits a vulnerability in the OpenSSL library. OpenSSL versions 0.9.7-beta, 0.9.7, 0.9.7a and 0.9.7b are affected. The corresponding OpenSSL advisory states: "Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure". This module triggers this deallocation and abuses the dynamic memory allocator of vulnerable Linux systems in order to execute arbitrary code.

Three different attack methods are available:

- Known-targets: this method attempts to exploit the remote server using the parameters of the built-in known targets. Since this method is carried out quickly, it is the first one that should be tried.
- Stack at 0xc0000000: this method tries to brute-force the stack until the correct return address is found. It can take a very long time, but it stops as soon as it considers that the correct return address could not be found.
- Stack at 0x80000000: this method is similar to the previous one and should only be tried if the previous methods failed. On most Linux systems the stack is indeed located at 0xc0000000, but in some rare cases it can be located at 0x80000000.