HC's Capture the Flag website
CTF Contests
25C3-CTF
25C3-CTF final results
Advisory #50
From team Stealth Assassin
New advisory by : thaidn
Affected service(s): vdspi
Severity [lmh] : medium
===== Problem =====
Exploit to get flag.
1\n
2\n
\n
\n
===== Impact =====
Get all flags
===== Fix =====
file persondb.adb, line 106, change to this::
if first'Length >0 and last'Length >0 and first'Length <= f'Length and last'Length <= l'Length
Rating
[0] doesn't really fix the issue