Disk Sorter Enterprise 9.5.12 – Local Buffer Overflow

Exploit Database
33 阅读

作者： Nassim Asrir

日期： 2017-03-27
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/41737/

[+] Title: Disk Sorter Server v9.5.12 - Local Stack-based buffer overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A

Vendor:
===============

http://www.disksorter.com/

 
Download:
===========

http://www.disksorter.com/setups/disksortersrv_setup_v9.5.12.exe
 
 
Vulnerability Type:
===================

local stack-based buffer overflow


POC:
===================

Launch the program click on :

1 - Server 

2 - Connect

3 - and in the Share Name field inject (5000 "A") then the program crashed see the picture.

CVE Reference:
===============

N/A
 
 
Tested on:
=============== 

Windows 7

Win xp

last Exploits
Disk Sorter Enterprise 9.5.12 – Local Buffer Overflow的更多信息

SurfOffline Professional 2.2.0.103 – ‘Project Name’ Denial of Service (SEH)：
TeamSpeak Client 3.0.14 – Buffer Overflow：
CrossFont 7.5 – Denial of Service (PoC)：
RPCScan 2.03 – Hostname/IP Field Overwrite (SEH) (PoC)：
Autodesk Backburner Manager 3 < 2016.0.0.2150 - Null Dereference Denial of Service：
1Password < 7.0 - Denial of Service：
Microsoft Visio 2016 16.0.4738.1000 – ‘Log in accounts’ Denial of Service：
Adobe Flash TextField.type Setter – Use-After-Free：