{"vulnerability": "cve-2022-27881", "sightings": [{"uuid": "92da57bd-24aa-41f4-9526-aa583a0016bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27881", "type": "seen", "source": "https://t.me/cibsecurity/39564", "content": "\u203c CVE-2022-27881 \u203c\n\nengine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:31:09.000000Z"}, {"uuid": "681d919b-2881-455f-b509-30e77f470fab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27881", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/147", "content": "|CVE-2022-27881|\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014--\n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 slaacd \u0434\u0435\u043c\u043e\u043d\u0435(engine.c) \u0432 OpenBSD(6.9 \u0438 7.0) , \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430(buffer overflow). OpenBSD \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u043e\u0434\u043b\u0430\u0442\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438:\n\ud83d\udd28017(\u0434\u043b\u044f OpenBSD 7.0) \n\ud83d\udd28033(\u0434\u043b\u044f OpenBSD 6.9).\n\u041d\u0430 \u043f\u0435\u0440\u0432\u043e\u043c \u0444\u043e\u0442\u043e \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0434\u0435,  \u0430 \u043d\u0430 \u0432\u0442\u043e\u0440\u043e\u043c \u0438 \u0442\u0440\u0435\u0442\u044c\u0435\u043c - PoC.\n\u0422\u0430\u043a \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0441\u044f, \u0434\u0430\u0431\u044b \u043d\u0435 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u044d\u0442\u043e\u0439 CVE.\n\nA new vulnerability in the slaacd daemon(engine.c) in OpenBSD (6.9 and 7.0) related to buffer overflow. OpenBSD quickly patched up the vulnerability and security fixes appeared:\n\ud83d\udd28017(for OpenBSD 7.0)\n\ud83d\udd28 033(for OpenBSD 6.9).\nThe first photo is actually a vulnerability in code, and the second and third are PoC.\nSo update yourself so as not to be a victim using an exploit based on this CVE.\n#cve #poc", "creation_timestamp": "2022-03-27T23:41:47.000000Z"}]}