I recently finished a quick fuzzing cycle on zling (using american fuzzy lop), and ended up with 44 unique crashes and 38 unique hangs. It's probably a safe bet that at least a few of these are exploitable for code execution, but they're obviously all DoS issues.
The files which cause the issues are at http://code.coeusgroup.com/afl-results/b30f5b9f-d4bf-40bf-bc39-7d3c75b67295.tar.xz
Each of the files in the crashes folder causes zling_demo to crash, and each of the files in the hangs folder causes it to hang.