CVE-2010-4052

glibc 2.11.3/2.12.x-2.12.2 DoS via Adjacent Repetition in Regex


Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-4052. PoCs published by Maksymilian Arciemowicz.

AI-analyzed exploit summary: This exploit targets a denial-of-service vulnerability in GNU glibc's regex handling (CVE-2010-4052) by creating a malicious .ftpaccess file in ProFTPD. It leverages stack exhaustion via crafted regular expressions to cause CPU or memory exhaustion, leading to service disruption.

Description

Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.

Exploits (2)

exploitdb · Working PoC · Verified
by Maksymilian Arciemowicz · cdoslinux
https://www.exploit-db.com/exploits/35061

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: ProFTPD with GNU glibc (unknown versions)
Auth required
Prerequisites: Write access to create .ftpaccess file · ProFTPD server using GNU glibc
devstral-2 · analyzed Feb 16, 2026
exploitdb · Working PoC
by Maksymilian Arciemowicz · cdoslinux
https://www.exploit-db.com/exploits/15935

The exploit demonstrates a denial-of-service (DoS) vulnerability in GNU libc's regcomp function (CVE-2010-4051) by triggering a stack exhaustion or segmentation fault via malformed regular expressions with excessive repetition operators. The PoC code provides multiple examples of patterns that cause crashes in applications like grep, pgrep, and proftpd.

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: GNU libc (regcomp function); affected applications include grep, pgrep, proftpd, etc.
No auth needed
Prerequisites: Access to a system with vulnerable GNU libc or affected applications
devstral-2 · analyzed Feb 16, 2026

References (11)

Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/42547
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://securitytracker.com/id?1024832
Exploit (mailing-list, x_refsource_fulldisc): http://seclists.org/fulldisclosure/2011/Jan/78
US Government Resource (third-party-advisory, x_refsource_cert-vn): http://www.kb.cert.org/vuls/id/912279
Exploit (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/45233
Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/515589/100/0/threaded
Patch (x_refsource_misc): http://cxib.net/stuff/proftpd.gnu.c
Exploit, Third Party Advisory (exploit, x_refsource_exploit-db): http://www.exploit-db.com/exploits/15935
Exploit (third-party-advisory, x_refsource_sreason): http://securityreason.com/securityalert/8003
Exploit (third-party-advisory, x_refsource_sreasonres): http://securityreason.com/achievement_securityalert/93

Scores

EPSS 0.5130
EPSS Percentile 98.8%

Details

CWE
CWE-399
Status published
Products (28)
gnu/glibc 1.00
gnu/glibc 1.01
gnu/glibc 1.02
gnu/glibc 1.03
gnu/glibc 1.04
gnu/glibc 1.05
gnu/glibc 1.06
gnu/glibc 1.07
gnu/glibc 1.08
gnu/glibc 1.09
... and 18 more
Published Jan 13, 2011
Tracked Since Feb 18, 2026