Skip to content

jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cve-2023-25136.py
cve-2023-25136.py
 
 

Repository files navigation

CVE-2023-25136 Proof-of-Concept

Overview

This is a DoS Proof-of-Concept of OpenSSH 9.1p1 Double-Free Vulnerability CVE-2023-25136.
It will trigger the double-free and cause an abort crash.
For a comprehensive understanding, check out the accompanying blog post for in-depth details.

Dependencies

  • Python 3.6+
  • paramiko Python Library

Usage

  1. Verify paramiko is installed:
pip install paramiko

  1. Change the VICTIM_IP to match your vulnerable OpenSSH Server IP.

  2. Run the PoC:

python cve-2023-25136.py

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

43 stars

Watchers

4 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages