Hi,

My understanding of this issue is you are starting agentxtrap on the command line and then doing something to it to make argv[0] = NULL? I can see how this is possible in a debugger, but is there any way of doing this outside a debugger or something that is directly writing to the process memory?
Assuming argv[0] is some value is a reasonable assumption I would have thought.

 - Craig

On Wed, 2 Mar 2022 at 17:39, bi bi <beafb...@gmail.com> wrote:
> Package: snmp
> Version: 5.9.1 (Previous versions should also have these vulnerabilities)
>
> We found one bug in snmp by fuzzing. Here is the vulnerability info and
> poc. Please assist us to get the cve number, it is very important to us.
>
> Discover: Yingchao Yu, Shibin Zhao, Chiheng Wang
>
> If argv[0] is NULL when agentxtrap is started, it will cause a null pointer
> reference vulnerability in strrchr() when the main function of agentxtrap
> starts parsing the parameters.
>
> [image: image.png]
>
>
> poc:
>
>
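
A defensive pattern for the crash described in the quoted report, as an added example that is not net-snmp's code and not part of this thread: derive the program name without ever handing a NULL `argv[0]` to `strrchr()`. The helper name `safe_progname` and the fallback string are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed fallback name, used when no usable argv[0] was supplied. */
#define FALLBACK_PROGNAME "agentxtrap"

/*
 * Hypothetical helper (not from net-snmp): return the basename of argv[0].
 *
 * The C standard only requires argc to be nonnegative and argv[argc] to be
 * a null pointer, so argc == 0 with argv[0] == NULL is a legal start state.
 * A bare strrchr(argv[0], '/') dereferences NULL in that case, which is the
 * crash the report describes. Every degenerate input is checked first.
 */
static const char *safe_progname(int argc, char *const argv[])
{
    const char *slash;

    if (argc < 1 || argv == NULL || argv[0] == NULL || argv[0][0] == '\0')
        return FALLBACK_PROGNAME;

    slash = strrchr(argv[0], '/');
    if (slash == NULL)
        return argv[0];            /* no directory component */
    if (slash[1] == '\0')
        return FALLBACK_PROGNAME;  /* path ends in '/', nothing follows */
    return slash + 1;              /* text after the last '/' */
}

int main(int argc, char *argv[])
{
    printf("program name: %s\n", safe_progname(argc, argv));
    return 0;
}
```
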